Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-128-GCM) #41

Open
marcuscvj opened this issue Feb 28, 2023 · 4 comments
Open

DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-128-GCM) #41

marcuscvj opened this issue Feb 28, 2023 · 4 comments

Comments

@marcuscvj
Copy link

I'm trying to connect to a VPS using OpenVPN with this solutions. However I stumble upon this error and I'm not sure what it means and what to do to fix it:

=========== end configuration ===========
running command: sudo openvpn --config ./.github/openvpn/config.ovpn --daemon --log openvpn.log --writepid openvpn.pid
Warning: 2023-02-28 16:23:40 Note: Treating option '--ncp-ciphers' as  '--data-ciphers' (renamed in OpenVPN 2.5).

Error: 2023-02-28 16:23:40 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
Options error: If you use one of --cert or --key, you must use them both
Use --help for more information.

Error: command: sudo openvpn --config ./.github/openvpn/config.ovpn --daemon --log openvpn.log --writepid openvpn.pid returned 1
@kota65535
Copy link
Owner

What are the versions of the OpenVPN server and client you are using?

@marcuscvj
Copy link
Author

When testing this with OpenVPN locally on my computer it says OpenVPN 2.6.0 [git:v2.6.0/b999466418dddb89] Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Feb 15 2023. The server I do not know unfortunately. Is that something I need to check with our sysadmin?

However, that depricated message seems not to be stopping OpenVPN to connect, however in the GitHub actions it stops it at that message and throws it as an error.

@kota65535
Copy link
Owner

The reason this GitHub Action stopped is the openvpn command returns non-zero value.
However deprecation warnings are generally not errors, so it is expected to continue running.
Could you try changing your configuration to suppress the warning?

@aiell0
Copy link

aiell0 commented Oct 25, 2023
edited
Loading

@marcuscvj in case anyone else is stuck on this, you need to change your client.ovpn file where it says:

cipher: AES-256-CBC

to

data-ciphers-fallback AES-256-CBC

that fixed it for me :)

More information can be found here

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@aiell0 @kota65535 @marcuscvj