This topic contains 0 replies, has 0 voices, and was last updated by 
Viewing 2 posts - 1 through 2 (of 2 total)
-
Posts
-
I was restarting my LAN-to-LAN VPN connection and saw such messages in log:
WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).Is it really true, that I am using only 64-bit VPN-key? How to find out?
If really true, why is key length not configurable in Zeroshell?
How to use AES256 NOW?
It is year 2017, 64-bit keys were considered insecure even 10 years ago…
I did add to all my VPN-link Parameters: –cipher AES-256-CBC
Did I do the right thing? Am I using AES256 now?
At least it did disconnect current VPN tunnels and did not come back up, unless both sides were configured with –cipher AES-256-CBC
Viewing 2 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic.