macos-openvpn-server: Update to openvpn 2.5, easy-rsa 3, EC-based PKI

README.md

@@ -5,21 +5,31 @@ macos-openvpn-server
 
 This repo describes how to build an OpenVPN VPN server on macOS using pfctl and [Tunnelblick](../../../../Tunnelblick/Tunnelblick).
 
-This configuration provides a TLS-based VPN server using 4096-bit certificates and UDP port 443, accessible by any OpenVPN client, especially iOS with the OpenVPN app.
+This configuration provides a TLS-based VPN server using EC ed25519 certificates and UDP port 443, accessible by any OpenVPN client, especially iOS with the OpenVPN app.
 
 ![OpenVPN iPad](images/OpenVPN_iPad.PNG)
 
+## Installation and Configuration Notes
+* Configuration for `openvpn` version 2.5 and [easy-rsa](../../../../OpenVPN/easy-rsa) version 3
+* Presumes latest macOS versions that use editable `/etc/sysctl.conf` to set:
+> ```
+> net.inet.ip.forwarding=1
+> net.inet6.ip6.forwarding=1
+> ```
+This is known to work for macOS 11+. See previous versions of this
+repo for a `launchctl`-based approach
+* Uses Edwards curve
+[ed25519](https://en.wikipedia.org/wiki/Curve25519) EC-based PKI
+for very fast VPN connections with 128-bit security
+
 ## VPN Configuration Advantages
 
 This OpenVPN configuration provides the following advantages:
 
 * Secure VPN networking for all mobile clients
 * Secure, certificate-based VPN
-    * OpenVPN the only certificate-based option between macOS and iOS
-    * PPTP-based VPN traffic "[should be considered unencrypted](https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/)"
-    * L2TP VPN (available in macOS Server.app) requires a very long random PSK; "[IPSEC-PSK is arguably worse than PPTP … for a dictionary-based attack vector](https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/)"
 * PF-based [firewall security](../../../osxfortress) on the server
-* Privatizing [Automatic Proxy Configuration](../../../osxfortress) for all mobile client devices
+* Privatizing [Proxy Configuration](../../../osxfortress) for all mobile client devices
     * Mobile device networking through PF firewall security
     * Tracker blocking
     * Ad blocking
@@ -32,28 +42,3 @@ Configure [Tunnelblick](../../../../Tunnelblick/Tunnelblick) settings so that th
 | [Tunnelblick](../../../../Tunnelblick/Tunnelblick) Settings |  Advanced… |
 :------------------------------------------------------------:|:-------------------------:
 ![Tunnelblick Settings](images/Tunnelblick%20Settings.png)|![Tunnelblick Advanced Settings](images/Tunnelblick%20Advanced%20Settings.png)
-
-## Privatizing Proxy for Mobile Devices
-
-A privatizing proxy is necessary to block mobile carriers from adding uniquely identifying HTTP headers used for customer tracking. See, for example, __[
-Does your phone company track you?](http://arstechnica.com/security/2014/11/does-your-phone-company-track-you/)__. The repo [essandess/osxfortress](../../../osxfortress) provides a firewall,
-blackhole, and privatizing proxy . Use the server configuration
-[config.ovpn.osxfortress](openvpn-server-tun.tblk/config.ovpn.osxfortress) for these features, including blocking the mobile carrier tracking headers:
-
-```
-# Mobile carrier uniquely identifying headers
-request_header_access MSISDN deny all           # T-Mobile
-request_header_access X-MSISDN deny all         # T-Mobile
-request_header_access X-UIDH deny all           # Verizon
-request_header_access x-up-subno deny all       # AT&T
-request_header_access X-ACR deny all            # AT&T
-request_header_access X-UP-SUBSCRIBER-COS deny all
-request_header_access X-OPWV-DDM-HTTPMISCDD deny all
-request_header_access X-OPWV-DDM-IDENTITY deny all
-request_header_access X-OPWV-DDM-SUBSCRIBER deny all
-request_header_access CLIENTID deny all
-request_header_access X-VF-ACR deny all
-request_header_access X_MTI_USERNAME deny all
-request_header_access X_MTI_EMAIL deny all
-request_header_access X_MTI_EMPID deny all
-```

openvpn-client-tun.ovpn

@@ -1,46 +1,35 @@
 ####
-## Domainname Mac UDP client configuration version 2.0
+## Mac UDP client configuration version 2.0
 ####
 client
 dev tun
 proto udp
-remote server.domainname.com 443
+remote domainname.tld 443
 redirect-gateway def1
-resolv-retry infinite
-nobind
 ;user nobody
 ;group nobody
-persist-key
-persist-tun
-;ca ca.crt
-;cert clientname.crt
-;key clientname.key
+remote-cert-tls server
 <ca>
------BEGIN CERTIFICATE-----
-MY CERT from ca.crt
------END CERTIFICATE-----
+; paste ca.pem and remove these comments:
+; openssl x509 -in pki/ca.crt | pbcopy
 </ca>
-ns-cert-type server
-;tls-auth ta.key 1
+<cert>
+; paste client cert and remove these comments:
+; openssl x509 -in pki/issued/client-domainname.crt -text | pbcopy
+</cert>
+<key>
+; paste client key and remove these comments:
+; openssl pkey -in pki/private/client-domainname.key -out pki/private/client-domainname.key.decrypted
+; pbcopy < pki/private/client-domainname.key.decrypted
+; rm pki/private/client-domainname.key.decrypted
+</key>
 key-direction 1
-<tls-auth>
-#
-# 4096 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-MY CERT from ta.key
------END OpenVPN Static key V1-----
-</tls-auth>
-; fields from server certificate: sudo cat keys/server-domainname.crt
-verify-x509-name 'C=US, O=DomainName, OU=OpenVPN, CN=domainname.tld' subject
-;auth-user-pass
-;tls-remote server-domainname
-;cipher BF-CBC  ; susceptible to SWEET32 attacks
-cipher AES-256-CBC
+<tls-crypt>
+; paste ta.key and remove these comments:
+; pbcopy < pki/ta.key
+</tls-crypt>
+cipher AES-256-GCM
+tls-version-min 1.3
 ; openvpn --show-tls | grep -e '^TLS' | grep -v 128 | grep -v -e 'SHA$' | grep -v GCM
-tls-cipher TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384:TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-DSS-WITH-AES-256-CBC-SHA256:TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384:TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384
-tls-version-min 1.2
-auth SHA512
-;client-http-proxy 10.0.1.3 3128
-verb 3
-# shaper 50000
+; tls-cipher TLS_CHACHA20_POLY1305_SHA256:TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256:TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256:TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256:TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384:TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
+;client-http-proxy 10.0.1.3 8118

openvpn-server-tun.tblk/config.ovpn

@@ -25,23 +25,23 @@ port 443
 proto udp
 
 dev tun
-;dev tap
 
 ca ca.crt
-cert server-domainname.crt
-key server-domainname.key
+cert hostname.domainname.tld.crt
+key hostname.domainname.tld.key
 
-tls-auth ta.key 0
+tls-crypt ta.key 0
 
-dh dh4096.pem
+dh none
+ecdh-curve ed25519
 
 server 10.8.0.0 255.255.255.0
 route 10.0.1.0 255.255.255.0
 route 10.8.0.0 255.255.255.0
 
 ;server-bridge 10.0.1.3 255.255.255.0 10.0.1.50 10.0.1.90
 
-;topology subnet
+topology subnet
 
 # Push routes to the client to allow it
 # to reach other private subnets behind
@@ -54,31 +54,26 @@ push "route 10.0.1.0 255.255.255.0"
 push "route 10.8.0.0 255.255.255.0"
 
 push "redirect-gateway def1"
-; push "dhcp-option DNS 10.8.0.1"
-push "dhcp-option DNS 8.8.8.8"
-push "dhcp-option DNS 4.4.4.4"
-; push "dhcp-option DOMAIN server.domainname.com"
+push "dhcp-option DNS 10.0.1.3"
+push "dhcp-option DOMAIN domainname.tld"
 ; push "dhcp-option PROXY_AUTO_CONFIG_URL http://proxy.domainname.private/proxy.pac"
-;push "dhcp-option PROXY_HTTP 10.8.0.1 3128"
-;push "dhcp-option PROXY_BYPASS domainname.com"
-push "cipher AES-256-CBC"
-; cipher BF-CBC is susceptible to SWEET32 attacks
+;push "dhcp-option PROXY_HTTP 10.0.1.3 8118"
+push "dhcp-option PROXY_BYPASS domainname.com proxy.domainname.private"
 
 client-to-client
 
 keepalive 10 120
 
-;cipher BF-CBC  ; susceptible to SWEET32 attacks
-cipher AES-256-CBC
+cipher AES-256-GCM
+tls-version-min 1.3
+
 ; openvpn --show-tls | grep -e '^TLS' | grep -v 128 | grep -v -e 'SHA$' | grep -v GCM
-tls-cipher TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384:TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-DSS-WITH-AES-256-CBC-SHA256:TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384:TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384
-tls-version-min 1.2
-auth SHA512
+; tls-cipher TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
 
-max-clients 10
+max-clients 20
 
-user nobody
-group nobody
+; user nobody
+; group nobody
 
 persist-key
 persist-tun