mirror of
https://github.com/angristan/openvpn-install.git
synced 2025-12-06 20:52:42 +01:00
Undo TLS-CIPHER changes in f376ce91 in deference to harvester57's pull request
This commit is contained in:
jtbr
@@ -12,7 +12,6 @@ This fork includes :
|
||||
- AES-256-CBC and SHA-512 for HMAC (instead of BF-128-CBC and SHA1)
|
||||
- Run server in unprivileged mode, reducing risks to the system
|
||||
- TLS-auth to help [thwart DoS attacks](https://openvpn.net/index.php/open-source/documentation/howto.html#security) and provide a 2nd line of defense to the TLS channel.
|
||||
- [Perfect forward secrecy](http://en.wikipedia.org/wiki/Forward_secrecy)
|
||||
- [FDN's DNS Servers](http://www.fdn.fr/actions/dns/)
|
||||
- Nearest [OpenNIC DNS Servers](https://www.opennicproject.org/)
|
||||
- Up-to-date OpenVPN (2.3.11) thanks to [EPEL](http://fedoraproject.org/wiki/EPEL) and [swupdate.openvpn.net](https://community.openvpn.net/openvpn/wiki/OpenvpnSoftwareRepos)
|
||||
@@ -34,12 +33,12 @@ Features :
|
||||
- 256 bits AES-GCM
|
||||
- SHA-384 RSA certificate
|
||||
|
||||
### Fast (lower encryption, supports openvpn connect [ios/android] clients)
|
||||
### Fast (lower encryption)
|
||||
Features :
|
||||
- 2048 bits RSA private key
|
||||
- 2048 bits Diffie-Hellman key
|
||||
- 128 bits AES-CBC
|
||||
- SHA-128 RSA certificate
|
||||
- 128 bits AES-GCM
|
||||
- SHA-256 RSA certificate
|
||||
|
||||
## Compatibility
|
||||
|
||||
|
||||
Reference in New Issue
Block a user