On 15/12/16 21:35, Dreetjeh D wrote:
> Hi,
> 
> So in (2), parts of the one ta.key are used...
> 
> I had a hunch when looking at the logs stating:
> 
> >TLS: Initial packet from [AF_INET]............:1194, sid=XXXXXXXX XXXXXXXX<
> 
> Where the X's represent the subkeys?
> 
> Thinking out loud, if the opposite side uses two different subkeys, then four 
> subkeys are derived.
> 
> If so, then one cannot use two different ta.keys in the same way one can 
> use client-CA and server-CA.

That is correct.  --tls-auth (and --tls-crypt in v2.4) requires that the
provided key (ta.key in my example below, as you top-post) is shared
among all clients and server.

This is _by design_, as it is not possible to derive a shared secret
this early in the packet processing.  This check happens before the SSL
library really gets a chance to look at the TLS packet (which is using
the client/server keys and certificates), even before OpenVPN checks if
this packet is a data channel or control channel packet.

This HMAC check even happens so early that if you use UDP as transport on
your server, the UDP port will seem to be closed to port scanners.  If
the HMAC signature in the UDP packet doesn't make sense, the packet is
dropped instantly.

(With TCP as transport, it is different as the SYN/ACK handshake needs
to complete before you can start to send packets over the wire)


--
kind regards,

David Sommerseth
OpenVPN Technologies, Inc

> On 15-12-2016 at 21:10, David Sommerseth wrote:
>> On 15/12/16 20:55, Dreetjeh D wrote:
>>> Sorry, I forgot to cc
>>>
>>> Hi,
>>>
>>> I have a question about this:
>>>
>>> On 14-12-2016 at 21:06, Steffan Karger wrote:
>>>> You're using TLS-auth to protect against mitm attacks on your TLS
>>>> connection, which is very good.  *key-direction 1 means you are using
>>>> different keys for client-server and server-client traffic*, which is
>>>> good too.
>>>>
>>> key-direction also works when ta.key is the same on both sides.
>>>
>>> Is it intended that no warning/info message appears in the logs when using
>>> the same key?
>> You can use
>>
>>   (1)   --tls-auth ta.key
>>
>> or
>>
>>   (2)   --tls-auth ta.key {0,1}
>>
>>
>> In (1) you will get a connection, and I believe both sides will use the
>> same subkey in ta.key (haven't checked the code yet, so don't trust me
>> fully yet).
>>
>> In (2) client and server must use different values, otherwise you will
>> see "packet HMAC authentication failed" errors in the log.  If the server
>> uses 0, the client must use 1 ... or vice versa.  In this mode, the
>> client and server use different sub-keys from ta.key.
>>
>>
>> --
>> kind regards,
>>
>> David Sommerseth
>> OpenVPN Technologies, Inc

_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users