Bernhard.Linz/openvpn-install
1
0
Fork 0
mirror of https://github.com/angristan/openvpn-install.git synced 2024-12-04 22:45:32 +01:00
Code Issues Projects Releases Wiki Activity

Update openvpn-install.sh

Browse Source 
Add:
1. TLS Cipher - TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
2. HMAC Auth - SHA224
This commit is contained in:
hybtoy 2017-09-26 15:04:34 +05:00 committed by GitHub
parent 882ea61b96
commit f4e4e96595
1 changed files with 16 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
openvpn-install.sh
View File

@ -419,8 +419,9 @@ else
elif [[ "$CERT_TYPE" = '2' ]]; then
echo " 1) ECDHE-RSA-AES-256-GCM-SHA384 (recommended)"
echo " 2) ECDHE-RSA-AES-128-GCM-SHA256"
while [[ $CC_ENC != "1" && $CC_ENC != "2" ]]; do
read -p "Control channel cipher [1-2]: " -e -i 1 CC_ENC
echo " 3) DHE-RSA-AES-128-GCM-SHA256"
while [[ $CC_ENC != "1" && $CC_ENC != "2" && $CC_ENC != "3" ]]; do
read -p "Control channel cipher [1-3]: " -e -i 1 CC_ENC
done
case $CC_ENC in
1)
@ -429,6 +430,9 @@ else
2)
CC_ENC="TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256"
;;
3)
CC_ENC="TLS-DHE-RSA-WITH-AES-128-GCM-SHA256"
;;
esac
fi
echo ""
@ -447,20 +451,24 @@ else
echo "Choose which message digest algorithm you want to use for the data channel packets"
echo "and the tls-auth/tls-crypt control channel packets:"
fi
echo " 1) SHA-256"
echo " 2) SHA-384 (recommended)"
echo " 3) SHA-512"
while [[ $HMAC_AUTH != "1" && $HMAC_AUTH != "2" && $HMAC_AUTH != "3" ]]; do
echo " 1) SHA-224"
echo " 2) SHA-256"
echo " 3) SHA-384 (recommended)"
echo " 4) SHA-512"
while [[ $HMAC_AUTH != "1" && $HMAC_AUTH != "2" && $HMAC_AUTH != "3" && $HMAC_AUTH != "4" ]]; do
read -p "HMAC authentication algorithm [1-3]: " -e -i 2 HMAC_AUTH
done
case $HMAC_AUTH in
1)
HMAC_AUTH="SHA256"
HMAC_AUTH="SHA224"
;;
2)
HMAC_AUTH="SHA384"
HMAC_AUTH="SHA256"
;;
3)
HMAC_AUTH="SHA384"
;;
4)
HMAC_AUTH="SHA512"
;;
esac