{"id":2091,"date":"2013-10-08T22:32:50","date_gmt":"2013-10-08T20:32:50","guid":{"rendered":"http:\/\/blog.wenzlaff.de\/?p=2091"},"modified":"2021-11-22T17:16:00","modified_gmt":"2021-11-22T16:16:00","slug":"wie-koennen-die-verschluesselungs-modus-und-hash-algorithmen-von-openvpn-servern-angezeigt-werden","status":"publish","type":"post","link":"http:\/\/blog.wenzlaff.de\/?p=2091","title":{"rendered":"Wie k\u00f6nnen die verschl\u00fcsselungs Modus und Hash Algorithmen von OpenVPN Servern angezeigt werden?"},"content":{"rendered":"<p>Auf der Konsole bei laufenden OpenVPN Server k\u00f6nnen alle verf\u00fcgbaren verschl\u00fcsselungs Algorithmen wie folgt angezeigt werden:<\/p>\n<p>root@OpenWrt:\/# \/usr\/sbin\/<strong>openvpn &#8212; &#8211;show-ciphers<\/strong><\/p>\n<p>Das Ergebnis:<br \/>\n<code><br \/>\nDES-CFB 64 bit default key (fixed)<br \/>\nDES-CBC 64 bit default key (fixed)<br \/>\nRC2-CBC 128 bit default key (variable)<br \/>\nRC2-CFB 128 bit default key (variable)<br \/>\nRC2-OFB 128 bit default key (variable)<br \/>\nDES-EDE-CBC 128 bit default key (fixed)<br \/>\nDES-EDE3-CBC 192 bit default key (fixed)<br \/>\nDES-OFB 64 bit default key (fixed)<br \/>\nDES-EDE-CFB 128 bit default key (fixed)<br \/>\nDES-EDE3-CFB 192 bit default key (fixed)<br \/>\nDES-EDE-OFB 128 bit default key (fixed)<br \/>\nDES-EDE3-OFB 192 bit default key (fixed)<br \/>\nDESX-CBC 192 bit default key (fixed)<br \/>\nBF-CBC 128 bit default key (variable)<br \/>\nBF-CFB 128 bit default key (variable)<br \/>\nBF-OFB 128 bit default key (variable)<br \/>\nRC2-40-CBC 40 bit default key (variable)<br \/>\nCAST5-CBC 128 bit default key (variable)<br \/>\nCAST5-CFB 128 bit default key (variable)<br \/>\nCAST5-OFB 128 bit default key (variable)<br \/>\nRC2-64-CBC 64 bit default key (variable)<br \/>\nAES-128-CBC 128 bit default key (fixed)<br \/>\nAES-128-OFB 128 bit default key (fixed)<br \/>\nAES-128-CFB 128 bit default key (fixed)<br \/>\nAES-192-CBC 192 bit default key (fixed)<br \/>\nAES-192-OFB 192 bit default key (fixed)<br \/>\nAES-192-CFB 192 bit default key (fixed)<br \/>\nAES-256-CBC 256 bit default key (fixed)<br \/>\nAES-256-OFB 256 bit default key (fixed)<br \/>\nAES-256-CFB 256 bit default key (fixed)<br \/>\nAES-128-CFB1 128 bit default key (fixed)<br \/>\nAES-192-CFB1 192 bit default key (fixed)<br \/>\nAES-256-CFB1 256 bit default key (fixed)<br \/>\nAES-128-CFB8 128 bit default key (fixed)<br \/>\nAES-192-CFB8 192 bit default key (fixed)<br \/>\nAES-256-CFB8 256 bit default key (fixed)<br \/>\nDES-CFB1 64 bit default key (fixed)<br \/>\nDES-CFB8 64 bit default key (fixed)<br \/>\nDES-EDE3-CFB1 192 bit default key (fixed)<br \/>\nDES-EDE3-CFB8 192 bit default key (fixed)<br \/>\nSEED-CBC 128 bit default key (fixed)<br \/>\nSEED-OFB 128 bit default key (fixed)<br \/>\nSEED-CFB 128 bit default key (fixed)<br \/>\n<\/code><\/p>\n<p>Die verf\u00fcgbare Hash Algorithmen k\u00f6nnen wie folgt angezeigt werden:<\/p>\n<p><strong>\/usr\/sbin\/openvpn &#8212; &#8211;show-digests<\/strong><\/p>\n<p>Folgende Liste wird geliefert:<br \/>\n<code><br \/>\nMD5 128 bit digest size<br \/>\nRSA-MD5 128 bit digest size<br \/>\nSHA1 160 bit digest size<br \/>\nRSA-SHA1 160 bit digest size<br \/>\nDSA-SHA1-old 160 bit digest size<br \/>\nDSA-SHA1 160 bit digest size<br \/>\nRSA-SHA1-2 160 bit digest size<br \/>\nDSA 160 bit digest size<br \/>\nMD4 128 bit digest size<br \/>\nRSA-MD4 128 bit digest size<br \/>\nRSA-SHA256 256 bit digest size<br \/>\nRSA-SHA384 384 bit digest size<br \/>\nRSA-SHA512 512 bit digest size<br \/>\nRSA-SHA224 224 bit digest size<br \/>\nSHA256 256 bit digest size<br \/>\nSHA384 384 bit digest size<br \/>\nSHA512 512 bit digest size<br \/>\nSHA224 224 bit digest size<br \/>\nwhirlpool 512 bit digest size<br \/>\n<\/code><\/p>\n<p>Und root@OpenWrt:\/# \/usr\/sbin\/<strong>openvpn &#8212; &#8211;show-tls<\/strong><br \/>\n<code><br \/>\nAvailable TLS Ciphers,<br \/>\nlisted in order of preference:<\/p>\n<p>SRP-DSS-AES-256-CBC-SHA<br \/>\nSRP-RSA-AES-256-CBC-SHA<br \/>\nDHE-DSS-AES256-GCM-SHA384<br \/>\nDHE-RSA-AES256-GCM-SHA384<br \/>\nDHE-RSA-AES256-SHA256<br \/>\nDHE-DSS-AES256-SHA256<br \/>\nDHE-RSA-AES256-SHA<br \/>\nDHE-DSS-AES256-SHA<br \/>\nAES256-GCM-SHA384<br \/>\nAES256-SHA256<br \/>\nAES256-SHA<br \/>\nPSK-AES256-CBC-SHA<br \/>\nSRP-DSS-3DES-EDE-CBC-SHA<br \/>\nSRP-RSA-3DES-EDE-CBC-SHA<br \/>\nEDH-RSA-DES-CBC3-SHA<br \/>\nEDH-DSS-DES-CBC3-SHA<br \/>\nDES-CBC3-SHA<br \/>\nPSK-3DES-EDE-CBC-SHA<br \/>\nSRP-DSS-AES-128-CBC-SHA<br \/>\nSRP-RSA-AES-128-CBC-SHA<br \/>\nDHE-DSS-AES128-GCM-SHA256<br \/>\nDHE-RSA-AES128-GCM-SHA256<br \/>\nDHE-RSA-AES128-SHA256<br \/>\nDHE-DSS-AES128-SHA256<br \/>\nDHE-RSA-AES128-SHA<br \/>\nDHE-DSS-AES128-SHA<br \/>\nDHE-RSA-SEED-SHA<br \/>\nDHE-DSS-SEED-SHA<br \/>\nAES128-GCM-SHA256<br \/>\nAES128-SHA256<br \/>\nAES128-SHA<br \/>\nSEED-SHA<br \/>\nPSK-AES128-CBC-SHA<br \/>\nRC4-SHA<br \/>\nRC4-MD5<br \/>\nPSK-RC4-SHA<br \/>\nEDH-RSA-DES-CBC-SHA<br \/>\nEDH-DSS-DES-CBC-SHA<br \/>\nDES-CBC-SHA<br \/>\nEXP-EDH-RSA-DES-CBC-SHA<br \/>\nEXP-EDH-DSS-DES-CBC-SHA<br \/>\nEXP-DES-CBC-SHA<br \/>\nEXP-RC2-CBC-MD5<br \/>\nEXP-RC4-MD5<br \/>\n<\/code><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Auf der Konsole bei laufenden OpenVPN Server k\u00f6nnen alle verf\u00fcgbaren verschl\u00fcsselungs Algorithmen wie folgt angezeigt werden: root@OpenWrt:\/# \/usr\/sbin\/openvpn &#8212; &#8211;show-ciphers Das Ergebnis: DES-CFB 64 bit default key (fixed) DES-CBC 64 bit default key (fixed) RC2-CBC 128 bit default key (variable) RC2-CFB 128 bit default key (variable) RC2-OFB 128 bit default key (variable) DES-EDE-CBC 128 bit &hellip; <\/p>\n<p class=\"link-more\"><a href=\"http:\/\/blog.wenzlaff.de\/?p=2091\" class=\"more-link\"><span class=\"screen-reader-text\">\u201eWie k\u00f6nnen die verschl\u00fcsselungs Modus und Hash Algorithmen von OpenVPN Servern angezeigt werden?\u201c <\/span>weiterlesen<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[808],"tags":[1012,988,1011,989],"class_list":["post-2091","post","type-post","status-publish","format-standard","hentry","category-linux-2","tag-hash","tag-openvpn","tag-verschluesselnung","tag-vpn"],"_links":{"self":[{"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=\/wp\/v2\/posts\/2091","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2091"}],"version-history":[{"count":0,"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=\/wp\/v2\/posts\/2091\/revisions"}],"wp:attachment":[{"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2091"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2091"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2091"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}