We're deprecating the RSA configs

Post a reply

:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek: :angel: :clap: :crazy: :eh: :lolno: :problem: :shh: :shifty: :sick: :silent: :think: :thumbdown: :thumbup: :wave: :wtf: :yawn:

BBCode is ON
[img] is ON
[flash] is OFF
[url] is ON
Smilies are ON

Topic review

If you wish to attach one or more files enter the details below.

Maximum filesize per attachment: 130 MiB.

Expand view Topic review: We're deprecating the RSA configs

Re: We're deprecating the RSA configs

by df » Wed Oct 06, 2021 12:39 am

On second thought, we'll be keeping the RSA configs. Several people have given valid reasons why they can't upgrade to something that supports ECC, and I don't like the idea of completely preventing them from being able to connect. So because of that, and because it's not going to make the network any less secure, we'll just keep the RSA instances up.

Aside from the reasons mentioned in the previous post, another reason I wanted to ditch RSA is because I thought it would make implementing tls-crypt-v2 into our port striping setup impossible, but I was able to figure out a way to do it. I still haven't written up a tutorial on using tls-crypt-v2, but it is implemented across the network now. Basically you just take any of our ECC/Ed25519/Ed448 OpenVPN configs and remove the stuff between (and including) <tls-crypt> and </tls-crypt>, and replace it with the tags <tls-crypt-v2> and </tls-crypt-v2>, and between those tags put the key data from https://cryptostorm.is/tlscryptv2 . I'll write up a proper howto eventually, probably put it up on cryptostorm.is/blog/

I still would like to do something to prevent newbies from using RSA when they should be using ECC. Maybe keep the RSA instances up but remove the configs from the website/github, or so RSA users still get updates move the configs to a different location (cryptostorm.is/configs/deprecated/ or /legacy/ something), or put a big scary warning all over the RSA config pages. A big part of the problem is that some users refuse to read any text, even if I put it in bold or big yellow warning letters, which is probably why almost 20% of the currently connected clients are on those RSA instances.

We're deprecating the RSA configs

by df » Sun Jul 04, 2021 10:13 pm

We'll be deprecating our RSA OpenVPN configs soon, so if you're still using those you need to switch over to the ECC ones (or use WireGuard).

The reason we're doing this is because the RSA configs only exist for people using ancient 2.3.x versions of OpenVPN, and according to https://community.openvpn.net/openvpn/w ... edVersions version 2.3.x reached it's end-of-life last month.
We've kept supporting it for this long because a handful of stubborn clients are still using 2.3.x, probably on certain embedded devices that sometimes make it difficult to upgrade, but it's time to force those clients to upgrade. The last 2.3.x release was on Sep 25, 2017, so if you're still using 2.3.x, you really need to upgrade.

Another reason we've had the RSA configs for so long is that a lot of our clients use Ubuntu, and Ubuntu's repos are slow about updating the OpenVPN plugin for Network Manager, which is also slow at supporting new features in OpenVPN. https://gitlab.gnome.org/GNOME/NetworkM ... aster/NEWS says they didn't add support for 'tls-crypt' until version 1.2.10, and they didn't add support for 'tls-version-min', 'tls-version-max', and 'compress' until version 1.8.12. https://packages.ubuntu.com/search?suit ... chon=names says everything is using 1.8.12, except bionic which is still on 1.8.2. So if you're still using bionic, you should use the terminal to connect to the VPN instead of Network Manager, or just upgrade.

If you try to use the RSA configs on a more recent OpenVPN you'll notice that it gives warnings about the "cipher AES-256-CBC" config directive. That's only there so that it'll work with those ancient OpenVPN versions, the server would still negotiate the cipher to AES-256-GCM if your OpenVPN supports it, and the TLS cipher would upgrade to whatever the best available is too. It's still more secure than the defaults most VPN providers use, but it's adding confusion for a lot of new customers, especially the ones new to Linux. Even though we've been recommending the ECC configs for years now, a lot of them are still using the RSA configs instead. So to avoid the confusion, and because of the other reasons listed above, we're ditching the RSA configs.