Search found 5 matches

by jtpreston
Sun Sep 01, 2013 9:50 pm
Forum: Suggestions
Topic: Changing default key size for DH Params to 2048 bit
Replies: 1
Views: 7237

Changing default key size for DH Params to 2048 bit

I would suggest as a matter of security that a default install of OpenVPN through Amahi generate 2048 bit Diffie-Hellmann parameters instead of 1024 bit parameters. I say this because the NSA has said 1024 bit would only be good through 2010 whereas 2048 bit would be good until 2030. 2048 bit is muc...
by jtpreston
Tue Aug 27, 2013 9:55 am
Forum: VPN
Topic: After changing ciphers in config file, VPN stops working.
Replies: 3
Views: 2053

Re: After changing ciphers in config file, VPN stops working

I thought of that. I just thought that it would be nice to use the most secure ciphers around. Thanks for the reply!
by jtpreston
Mon Aug 26, 2013 7:58 am
Forum: VPN
Topic: After changing ciphers in config file, VPN stops working.
Replies: 3
Views: 2053

After changing ciphers in config file, VPN stops working.

I have added cipher AES-256-CBC and auth SHA512 to the bottom of both my server configuration file (/etc/openvpn/openvpn.conf) and to my client configuration file (/Library/Application Support/Tunnelblick/Configurations/MyHDA.conf (while on my mac)) or (/programfiles(x86)/HomeHDA/HomeHDA.conf (while...
by jtpreston
Mon Aug 26, 2013 7:40 am
Forum: VPN
Topic: Need Help Changing OpenVPN to 2048 Bit RSA from 1024 Bit RSA
Replies: 3
Views: 3342

Re: Need Help Changing OpenVPN to 2048 Bit RSA from 1024 Bit

So I would run openssl dhparam -out dh2048.pem 2048 from Terminal and it would replace the existing 1024 bit Diffie-Hellman parameters to 2048 bit? I would not need to move anything to another file location or make a change in the openvpn.conf file in /etc/openvpn ?
by jtpreston
Sat Aug 24, 2013 12:27 pm
Forum: VPN
Topic: Need Help Changing OpenVPN to 2048 Bit RSA from 1024 Bit RSA
Replies: 3
Views: 3342

Need Help Changing OpenVPN to 2048 Bit RSA from 1024 Bit RSA

I wanted to change OpenVPN to 2048 Bit RSA from 1024 Bit RSA. I noticed "Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA" in my log and I know that 2048 bit is more secure and just about as fast. I was wondering how to do this with OpenVPN through Amahi. I use U...