From 49bbc4e1430a9c83ccdc3df6291067a9b5c92426 Mon Sep 17 00:00:00 2001
From: Padraig Doran <padraigdoran@users.noreply.github.com>
Date: Tue, 8 Nov 2022 14:49:36 +0000
Subject: [PATCH] Use AES-256-GCM cipher instead of AES-256-CBC

Set to default AES-256-GCM
---
 openvpn-install.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/openvpn-install.sh b/openvpn-install.sh
index 4235723..57cb7d2 100644
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@@ -323,7 +323,7 @@ server 10.8.0.0 255.255.255.0" > /etc/openvpn/server/server.conf
 	esac
 	echo 'push "block-outside-dns"' >> /etc/openvpn/server/server.conf
 	echo "keepalive 10 120
-cipher AES-256-CBC
+cipher AES-256-GCM
 user nobody
 group $group_name
 persist-key
@@ -423,7 +423,7 @@ persist-key
 persist-tun
 remote-cert-tls server
 auth SHA512
-cipher AES-256-CBC
+cipher AES-256-GCM
 ignore-unknown-option block-outside-dns
 verb 3" > /etc/openvpn/server/client-common.txt
 	# Enable and start the OpenVPN service