Unable to change openvpn cipher from the default
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openvpn (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
I downloaded a .ovpn file from our (fairly old) VPN device to set up a connection in 22.10.
The .ovpn file has the line:
cipher AES-256-CBC
Get this error in system logs:
Oct 12 11:38:19 DXXXX nm-openvpn[14241]: OPTIONS ERROR: failed to negotiate cipher with server. Add the server's cipher ('AES-256-CBC') to --data-ciphers (currently 'AES-256-
Advised to change this to:
data-ciphers AES-256-
Which I did and recreated the connection using the edited .ovpn.
Got the same error as above. I've tried using cipher, data-ciphers-
I tried changing the value with the Ubuntu VPN settings (Identity -> Advanced -> Security) and changing the Cipher to AES-256-CBC using the Cipher drop down menu then clicking 'Apply'. Again, the same error message in the logs.
Oct 12 11:38:19 DXXXX nm-openvpn[14241]: OPTIONS ERROR: failed to negotiate cipher with server. Add the server's cipher ('AES-256-CBC') to --data-ciphers (currently 'AES-256-
I tried picking another random cipher from the list (ARIA-192-CFB) to see if the error message changed: it didn't. It seems that changes to the cipher (either via a file or manual changes) do not update the vpn settings.