As stated in the previous recipe, OpenVPN uses two symmetric keys when setting up a point-to-point connection. However, it is also possible to use shared yet asymmetric keys in point-to-point mode. OpenVPN will use four keys in this case:
A cipher key on the client side
An HMAC key on the client side
A cipher key on the server side
An HMAC key on the server side
The same keying material is shared by both sides of the point-to-point connection, but the keys that are derived for encrypting and signing the data are different for each side. This recipe explains how to set up OpenVPN in this manner and how the keys can be made visible.
For this recipe, we use the secret.key file from the previous recipe. Install OpenVPN 2.3.9 or higher on two computers. Make sure the computers are connected over a network. For this recipe, the server computer was running CentOS 6 Linux and OpenVPN 2.3.9 and the client was running Windows 7 64 bit and OpenVPN 2.3.10. We'll use the secret.key file from the OpenVPN secret keys recipe here.
Launch the server-side (listening) OpenVPN process with an extra option to the
--secretparameter and with more verbose logging:[root@server]# openvpn \ --ifconfig 10.200.0.1 10.200.0.2 \ --dev tun --secret secret.key 0 \ --verb 7
Then launch the client-side OpenVPN process:
[WinClient] C:\>"\Program Files\OpenVPN\bin\openvpn.exe" \ --ifconfig 10.200.0.2 10.200.0.1 \ --dev tun --secret secret.key 1\ --remote openvpnserver \ --verb 7
The connection will be established with a lot of debugging messages.
If we look through the server-side messages (searching for crypt), we can find the negotiated keys on the server side. Note that the output has been reformatted for clarity:
... Static Encrypt: Cipher 'BF-CBC' initialized with 128 bit key ... Static Encrypt: CIPHER KEY: 80797ddc 547fbdef 79eb353f 2a1f3d1f ... Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication ... Static Encrypt: HMAC KEY: c752f254 cc4ac230 83bd8daf 6141e73d 844764d8 ... Static Decrypt: Cipher 'BF-CBC' initialized with 128 bit key ... Static Decrypt: CIPHER KEY: 8cf9abdd 371392b1 14b51523 25302c99 ... Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication ... Static Decrypt: HMAC KEY: 39e06d8e 20c0d3c6 0f63b3e7 d94f35af bd744b27
On the client side, we will find the same keys but the "Encrypt" and "Decrypt" keys would have been reversed:
... Static Encrypt: Cipher 'BF-CBC' initialized with 128 bit key ... Static Encrypt: CIPHER KEY: 8cf9abdd 371392b1 14b51523 25302c99 ... Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication ... Static Encrypt: HMAC KEY: 39e06d8e 20c0d3c6 0f63b3e7 d94f35af bd744b27 ... Static Decrypt: Cipher 'BF-CBC' initialized with 128 bit key ... Static Decrypt: CIPHER KEY: 80797ddc 547fbdef 79eb353f 2a1f3d1f ... Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication ... Static Decrypt: HMAC KEY: c752f254 cc4ac230 83bd8daf 6141e73d 844764d8
If you look at the keys carefully, you will see that each one of them is mirrored on the client and the server side.
OpenVPN derives all the keys from the static.key file, provided there is enough entropy (randomness) in the file to reliably generate four keys. All the keys generated using the following will have enough entropy:
$ openvpn --genkey --secret secret.key
An OpenVPN static key file is 2,048 bits in size. The cipher keys are each 128 bits, whereas the HMAC keys are 160 bits each, for a total of 776 bits. This allows OpenVPN to easily generate four random keys from the static key file, even if a cipher is chosen that requires a larger initialization key.
The same secret key files are used in a client/server setup when the tls-auth ta.key parameter is used.
The Setting up the public and private keys recipe from Chapter 2, Client-server IP-only Networks, in which the
tls-authkey is generated in a very similar manner