Page 1 of 1

Disable Weak Ciphers such as RC4-MD5

Posted: Fri Feb 22, 2019 8:49 am
by ruchshuk
How can I force the client and softether vpn server to use AES encryption only? When I created the ovpn file using SoftEther VPN Server Manager, I used AES encryption as encryption algorithm and installed it at client side. But I believe server is not accepting it- it is looking for RC4-MD5. How can I fix it?

Re: Disable Weak Ciphers such as RC4-MD5

Posted: Tue May 21, 2019 7:40 am
by cedar
I think SoftEther VPN Server can accept OpenVPN connection with AES encoding.
What error did you see?

Re: Disable Weak Ciphers such as RC4-MD5

Posted: Mon Oct 28, 2019 5:31 pm
by the6thbook
I'm still having this issue. I can't get RC4-MD5 disabled:

https://github.com/SoftEtherVPN/SoftEtherVPN/pull/343

Re: Disable Weak Ciphers such as RC4-MD5

Posted: Sun Nov 03, 2019 12:49 am
by ozone
I have the same issue.

A Mikrotik client connecting to a SE server always reverts to the weak RC4 cipher, although both support much higher ones like various forms of AES256...
But apparently, RC4 is all both nodes can agree upon during the initial handshake.

Until today, found no way of enforcing a higher cipher. Nor got any hint of how to do this on this forum or by someone of SE.

...Still hoping though...

Re: Disable Weak Ciphers such as RC4-MD5

Posted: Sun Feb 28, 2021 5:59 pm
by sukupandachu
Hi.

I have the same issue. I see it happens only when it connects through the VPNAzure relay network. Connecting directly through NAT utilizes the server selected cipher AES256-GCM-SHA384.

I am not sure if this has do to with network speed, that maybe forces Softether to use weaker (and faster) cipher on slow networks (using the VPNAzure relay), or if it has to do with the VPNAzure network itself.


Anyone knows why this behavior?
Anyone may point around the right direction?
Thks.

Re: Disable Weak Ciphers such as RC4-MD5

Posted: Mon Mar 08, 2021 2:25 pm
by AlexR
Hi Cummunity

I also run a server it Softether VPN. In the course of various security tests I noticed that the system allows connections with RC4.

I have counterchecked this with Test SSL Server, and the following list comes out.

Do I have any possibility to deactivate RC4 ?

TLSv1.2:
server selection: uses client preferences
3-- (key: RSA) RSA_WITH_RC4_128_MD5
3-- (key: RSA) RSA_WITH_RC4_128_SHA
3-- (key: RSA) RSA_WITH_3DES_EDE_CBC_SHA
3-- (key: RSA) RSA_WITH_AES_128_CBC_SHA
3f- (key: RSA) DHE_RSA_WITH_AES_128_CBC_SHA
3-- (key: RSA) RSA_WITH_AES_256_CBC_SHA
3f- (key: RSA) DHE_RSA_WITH_AES_256_CBC_SHA
3-- (key: RSA) RSA_WITH_AES_128_CBC_SHA256
3f- (key: RSA) DHE_RSA_WITH_AES_256_CBC_SHA256
3-- (key: RSA) RSA_WITH_AES_128_GCM_SHA256
3-- (key: RSA) RSA_WITH_AES_256_GCM_SHA384

Best Regards
Alex

Re: Disable Weak Ciphers such as RC4-MD5

Posted: Mon Mar 08, 2021 3:18 pm
by eddiewu
The cipher list is hardcoded into the source code (Mayaqua/Network.c). You can change and build yourself.
Below is my modification based on Build 9745 for your reference.

Original version:

Code: Select all

static char *cipher_list = "RC4-MD5 RC4-SHA AES128-SHA AES256-SHA DES-CBC-SHA DES-CBC3-SHA DHE-RSA-AES128-SHA DHE-RSA-AES256-SHA AES128-GCM-SHA256 AES128-SHA256 AES256-GCM-SHA384 AES256-SHA256 DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384"
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
	" DHE-RSA-CHACHA20-POLY1305 ECDHE-RSA-CHACHA20-POLY1305";
#endif
;
My version (to build with OpenSSL 1.1.x so the second list will be in effect):

Code: Select all

#if OPENSSL_VERSION_NUMBER < 0x10100000L
static char *cipher_list = "RC4-MD5 RC4-SHA AES128-SHA AES256-SHA DES-CBC-SHA DES-CBC3-SHA DHE-RSA-AES128-SHA DHE-RSA-AES256-SHA AES128-GCM-SHA256 AES128-SHA256 AES256-GCM-SHA384 AES256-SHA256 DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384";
#endif

#if OPENSSL_VERSION_NUMBER >= 0x10100000L
static char *cipher_list = "ECDHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-CHACHA20-POLY1305 DHE-RSA-CHACHA20-POLY1305 ECDHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-SHA384 DHE-RSA-AES256-SHA256 ECDHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA256";
#endif

Re: Disable Weak Ciphers such as RC4-MD5

Posted: Mon Mar 08, 2021 5:49 pm
by AlexR
Hi and thanks for your Answer !

Since I still have an OpenSSL 1.0.2k-fips on the system, I simply changed the code as follows, so that the old RC4 ciphers are out.
The whole thing could be compiled and started and looks good at first sight.

Speaks from your point of view something against this solution ?
I would not like to update OpenSSL (Centos 7 system).

Regards
Alex

Code: Select all

static char *cipher_list = "ECDHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-CHACHA20-POLY1305 DHE-RSA-CHACHA20-POLY1305 ECDHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-SHA384 DHE-RSA-AES256-SHA256 ECDHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA256"
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
	" DHE-RSA-CHACHA20-POLY1305 ECDHE-RSA-CHACHA20-POLY1305";
#endif
;

Re: Disable Weak Ciphers such as RC4-MD5

Posted: Tue Mar 09, 2021 2:17 am
by eddiewu
AlexR wrote:
Mon Mar 08, 2021 5:49 pm

Code: Select all

static char *cipher_list = "ECDHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-CHACHA20-POLY1305 DHE-RSA-CHACHA20-POLY1305 ECDHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-SHA384 DHE-RSA-AES256-SHA256 ECDHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA256"
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
	" DHE-RSA-CHACHA20-POLY1305 ECDHE-RSA-CHACHA20-POLY1305";
#endif
;
OK it makes sense if you would like to stick to 1.0.x. And you can drop the two CHACHA20 ciphers in the first line too as they are not supported in 1.0.x.

Re: Disable Weak Ciphers such as RC4-MD5

Posted: Mon Apr 24, 2023 10:07 pm
by the6thbook
Any updates to this? I'm still seeing weak ciphers in Version 4.41 Build 9787 (English)

Nessus reports:
SSL RC4 Cipher Suites Supported (Bar Mitzvah)

ServerCipherGet command - Get the Encrypted Algorithm Used for VPN Communication.
Encrypted Algorithm Currently Used by VPN Server:
DHE-RSA-AES128-GCM-SHA256

But when scanned it still shows RC4 as supported.