summaryrefslogtreecommitdiff
path: root/puppet/modules/site_openvpn
diff options
context:
space:
mode:
authorelijah <elijah@riseup.net>2012-11-23 01:55:05 -0800
committerelijah <elijah@riseup.net>2012-11-23 01:55:05 -0800
commite172773fa29275853649bec14d906d2899bf1de7 (patch)
tree80c5b0233075077311795f98b57d4eb2e811ebb9 /puppet/modules/site_openvpn
parent3e53ba65fbf1eb48dbe01526342e601a1c10c824 (diff)
openvpn -- enforce certain cipher choices on the server
Diffstat (limited to 'puppet/modules/site_openvpn')
-rw-r--r--puppet/modules/site_openvpn/manifests/server_config.pp67
1 files changed, 66 insertions, 1 deletions
diff --git a/puppet/modules/site_openvpn/manifests/server_config.pp b/puppet/modules/site_openvpn/manifests/server_config.pp
index 482c6ab7..6fc3a3c2 100644
--- a/puppet/modules/site_openvpn/manifests/server_config.pp
+++ b/puppet/modules/site_openvpn/manifests/server_config.pp
@@ -1,3 +1,57 @@
+#
+# Cipher discussion
+# ================================
+#
+# We want to specify explicit values for the crypto options to prevent a MiTM from forcing
+# a weaker cipher. These should be set in both the server and the client ('auth' and 'cipher'
+# MUST be the same on both ends or no data will get transmitted).
+#
+# tls-cipher DHE-RSA-AES128-SHA
+#
+# dkg: For the TLS control channel, we want to make sure we choose a
+# key exchange mechanism that has PFS (meaning probably some form of ephemeral
+# Diffie-Hellman key exchange), and that uses a standard, well-tested cipher
+# (I recommend AES, and 128 bits is probably fine, since there are some known
+# weaknesses in the 192- and 256-bit key schedules). That leaves us with the
+# choice of public key algorithms: /usr/sbin/openvpn --show-tls | grep DHE |
+# grep AES128 | grep GCM.
+#
+# elijah:
+# I could not get any of these working:
+# * openvpn --show-tls | grep GCM
+# * openvpn --show-tls | grep DHE | grep AES128 | grep SHA256
+# so, i went with this:
+# * openvpn --show-tls | grep DHE | grep AES128 | grep -v SHA256 | grep -v GCM
+# Also, i couldn't get any of the elliptical curve algorithms to work. Not sure how
+# our cert generation interacts with the tls-cipher algorithms.
+#
+# note: in my tests, DHE-RSA-AES256-SHA is the one it negotiates if no value is set.
+#
+# auth SHA1
+#
+# dkg: For HMAC digest to authenticate packets, we just want SHA256. OpenVPN lists
+# a number of “digest” with names like “RSA-SHA256”, but this are legacy and
+# should be avoided.
+#
+# elijah: i am not so sure that the digest algo matters for 'auth' option, because
+# i think an attacker would have to forge the digest in real time, which is still far from
+# a possibility for SHA1. So, i am leaving the default for now (SHA1).
+#
+# cipher AES-128-CBC
+#
+# dkg: For the choice of cipher, we need to select an algorithm and a
+# cipher mode. OpenVPN defaults to Blowfish, which is a fine algorithm — but
+# our control channel is already relying on AES not being broken; if the
+# control channel is cracked, then the key material for the tunnel is exposed,
+# and the choice of algorithm is moot. So it makes more sense to me to rely on
+# the same cipher here: AES128. As for the cipher mode, OFB seems cleaner to
+# me, but CBC is more well-tested, and the OpenVPN man page (at least as of
+# version 2.2.1) says “CBC is recommended and CFB and OFB should be considered
+# advanced modes.”
+#
+# note: the default is BF-CBC (blowfish)
+#
+
define site_openvpn::server_config ($port, $proto, $local, $server, $push, $management ) {
$openvpn_configname = $name
@@ -29,7 +83,18 @@ define site_openvpn::server_config ($port, $proto, $local, $server, $push, $mana
key => 'dh',
value => '/etc/openvpn/keys/dh.pem',
server => $openvpn_configname;
-
+ "tls-cipher $openvpn_configname":
+ key => 'tls-cipher',
+ value => 'DHE-RSA-AES128-SHA',
+ server => $openvpn_configname;
+ "auth $openvpn_configname":
+ key => 'auth',
+ value => 'SHA1',
+ server => $openvpn_configname;
+ "cipher $openvpn_configname":
+ key => 'cipher',
+ value => 'AES-128-CBC',
+ server => $openvpn_configname;
"dev $openvpn_configname":
key => 'dev',
value => 'tun',