group.of.nepali.translators team mailing list archive

[ChristianEhrhardt <1379132@xxxxxxxxxxxxxxxxxx>]

In the upstream issue 673 [1].
Upstream removed some ciphers and ordered the others by preference.

That is fixed in >=Yakkety then.

@Seth - do you think we want/need to backport that change to Xenial?

[1]: https://community.openvpn.net/openvpn/ticket/673


** Bug watch added: community.openvpn.net/openvpn/ #673
   https://community.openvpn.net/openvpn/ticket/673

** Also affects: openvpn (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** Changed in: openvpn (Ubuntu)
       Status: Confirmed => Fix Released

** Changed in: openvpn (Ubuntu Xenial)
       Status: New => Confirmed

** Changed in: openvpn (Ubuntu Xenial)
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1379132

Title:
  openvpn has a poor choice of default cipher, and does not negotiate

Status in openvpn package in Ubuntu:
  Fix Released
Status in openvpn source package in Xenial:
  Confirmed

Bug description:
  all versions

  The default cipher for openvpn is BF-CBC (blowfish), which was likely
  once a good choice.

  Virtually all modern hardware has hardware acceleration/support for
  AES instructions, and can therefore do AES-128-CBC far faster and more
  efficiently than it can blowfish.

  Unfortunately, it also appears that openvpn doesn't negotiate the
  cipher at all, so it must match on both ends.

  1) please enhance openvpn so that there is at least some negotiation
  (if the server specifies a cipher, and the client does not, then use
  the server's cipher)

  2) change the default to be AES.

  thanks,
  lamont

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1379132/+subscriptions