XPost: alt.os.linux, alt.comp.freeware
I use free public openvpn configuration files found on the Internet which
have been working for years with only the "cipher AES-128-CBC" directive.
When I updated to OpenVPN 2.6.12, everything broke, which I narrowed down
to the lack of a "data-ciphers" directive based on this openvpn error.
https://i.postimg.cc/nhqwd2DD/my-vpn-error.jpg
"OPTIONS ERROR: failed to negotiate cipher with server.
Add the server's cipher ('AES-128-CBC') to --data-ciphers
(currently 'AES-256-GCM:AES-128-GCM')
if you want to connect to this server."
So I added this directive, but what does this directive even do?
data-ciphers AES-128-CBC
There's very little about ciphers in the official wikipedia for openvpn.
https://community.openvpn.net/openvpn/wiki/HOWTO
By default OpenVPN uses Blowfish, a 128 bit symmetrical cipher.
OpenVPN automatically supports any cipher which is supported by
the OpenSSL library, and as such can support ciphers which use
large key sizes. For example, the 256-bit version of AES
(Advanced Encryption Standard) can be used by adding the
following to both server and client configuration files:
cipher AES-256-CBC
While that's all they had for "ciphers", they had NOTHING for
"data-ciphers", which is what I'm trying to figure out what it does.
How are you supposed to figure out what "data-ciphers" does when the
OpenVPN wikipedia doesn't even mention the error that happens now?
It's especially frustrating how bad the OpenVPN documentation is when you
now get a new error about "ovpn-dco" which is a brand new "something" for
"data channel offload" (whatever that is) as I also now get this warning.
"Note: cipher 'AES-128-CBD' in --data-ciphers is not
supported by ovpn-dco, disabling data channel offload."
https://i.postimg.cc/zD0N7zrr/my-ovpn-dco-error.jpg
Where can I get information on what these two things are for openvpn?
data-ciphers AES-128-CBC
ovpn-dco disabled
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)
