Hello. Thanks for the reply. > Disabling crypto is possible, but not what OpenVPN was designed for. > Also, disabling encryption (using --cipher) does not disable > authentication (--auth) too. If you want to control the TLS crypto, > use --tls-cipher. Note however that the TLS control channel is only > used for configuration, so disabling the crypto there won't give you a > faster VPN connection.
I understood it partially. So, what I get from this is that OpenVPN will do a ssl/tls handshake irrespective of the --cipher none option, because this configuration will only be used in the data channel. Is this right? Also, will using --cipher none get me a faster VPN connection? I hope so because we are removing encryption - decryption operations which use a lot of time and CPU (keeping security issues aside for a minute here) My original question was actually based on the Wireshark traces I saw. I was expecting no ssl/tls handshake when I had set --cipher none. Is there a config/alternate way which would lead me to show literally no handshake at all (just curious). Thanks
