Deprecated openvpn option #94

pablos-here · 2023-01-25T21:56:41Z

As reported during startup ....

2023-01-25 21:37:54 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for
cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.

wfg · 2023-01-26T23:23:12Z

I believe --cipher comes from the OpenVPN config supplied by the user. How do you propose to fix this one?

pablos-here · 2023-01-26T23:56:47Z

Hey @wfg,

I took the coward's approach and followed the recommendation from the chimp[1], adding the following to openvpn_args:

"--data-ciphers-fallback" "AES-256-CBC"

Reference

podman logs -f openvpn-client

...
2023-01-26 17:51:31 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
...

pablos-here mentioned this issue Jan 26, 2023

Push Requests? #95

Closed

pablos-here mentioned this issue Feb 3, 2023

podman Support + performance tunes + misc #98

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Deprecated openvpn option #94

Deprecated openvpn option #94

pablos-here commented Jan 25, 2023

wfg commented Jan 26, 2023

pablos-here commented Jan 26, 2023

Deprecated openvpn option #94

Deprecated openvpn option #94

Comments

pablos-here commented Jan 25, 2023

wfg commented Jan 26, 2023

pablos-here commented Jan 26, 2023