automatically add reneg-sec 0 to client and server configs when otp is being used to avoid connection resetting every hour. Edit docs to make clear that a more secure cipher needs to be selected to use with otp to avoid the connection being reset every 64 MB of data

Luke
2017-01-24 14:37:48 +00:00
parent 1129eb09bc
commit 3ebc4903d8
3 changed files with 9 additions and 1 deletions

@ -11,7 +11,9 @@ and use this image to generate user configuration.
In order to enable two factor authentication the following steps are required.
* Generate server configuration with `-2` option
* Choose a more secure [cipher](https://community.openvpn.net/openvpn/wiki/SWEET32) to use because since [OpenVPN 2.3.13](https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23#OpenVPN2.3.13) the default openvpn cipher BF-CBC will cause a renegotiated connection every 64 MB of data
* Generate server configuration with `-2` and `-C $CIPHER` options
docker run -v $OVPN_DATA:/etc/openvpn --rm kylemanna/openvpn ovpn_genconfig -u udp://vpn.example.com -2
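Review bot: the example command under the "Generate server configuration with `-2` and `-C $CIPHER` options" bullet still ends in `-2` with no `-C` argument in the lines shown here, so a reader who copies it keeps the BF-CBC default and the 64 MB renegotiation the new cipher bullet warns about. The command should carry `-C $CIPHER`, and the text should say what to put in `$CIPHER`, since the variable is not defined anywhere in the visible lines and the reader is only pointed at the SWEET32 wiki page. The commit message also says `reneg-sec 0` is now added automatically to client and server configs when OTP is used, but nothing in this hunk documents that; a sentence stating that periodic renegotiation is switched off for OTP setups would let operators accept that trade-off knowingly. Minor wording: "because since" in the cipher bullet reads better as "since".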