From 36af5ec1001b2cb16e8febe4d1df01537af6a986 Mon Sep 17 00:00:00 2001 From: angristan Date: Sat, 22 Sep 2018 14:19:51 +0200 Subject: [PATCH] Update DH/RSA defaults --- openvpn-install.sh | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/openvpn-install.sh b/openvpn-install.sh index 4ac4a50..2d205f4 100644 --- a/openvpn-install.sh +++ b/openvpn-install.sh @@ -307,11 +307,11 @@ function installOpenVPN () { esac echo "" echo "Choose what size of Diffie-Hellman key you want to use:" - echo " 1) 2048 bits (fastest)" - echo " 2) 3072 bits (recommended, best compromise)" - echo " 3) 4096 bits (most secure)" + echo " 1) 2048 bits (recommended)" + echo " 2) 3072 bits" + echo " 3) 4096 bits" until [[ "$DH_KEY_SIZE_CHOICE" =~ ^[0-9]+$ ]] && [ "$DH_KEY_SIZE_CHOICE" -ge 1 ] && [ "$DH_KEY_SIZE_CHOICE" -le 3 ]; do - read -rp "DH key size [1-3]: " -e -i 2 DH_KEY_SIZE_CHOICE + read -rp "DH key size [1-3]: " -e -i 1 DH_KEY_SIZE_CHOICE done case $DH_KEY_SIZE_CHOICE in 1) @@ -326,11 +326,11 @@ function installOpenVPN () { esac echo "" echo "Choose what size of RSA key you want to use for the certificate:" - echo " 1) 2048 bits (fastest)" - echo " 2) 3072 bits (recommended, best compromise)" - echo " 3) 4096 bits (most secure)" + echo " 1) 2048 bits (recommended)" + echo " 2) 3072 bits" + echo " 3) 4096 bits" until [[ "$RSA_KEY_SIZE_CHOICE" =~ ^[0-9]+$ ]] && [ "$RSA_KEY_SIZE_CHOICE" -ge 1 ] && [ "$RSA_KEY_SIZE_CHOICE" -le 3 ]; do - read -rp "RSA key size [1-3]: " -e -i 2 RSA_KEY_SIZE_CHOICE + read -rp "RSA key size [1-3]: " -e -i 1 RSA_KEY_SIZE_CHOICE done case $RSA_KEY_SIZE_CHOICE in 1)