From 414563877e7fe9360ace5f642bfcdef0c5bba2a0 Mon Sep 17 00:00:00 2001
From: _NSAKEY
Date: Wed, 22 Feb 2017 22:11:10 -0600
Subject: [PATCH 1/2] Changed auth to SHA512.
---
 openvpn-install.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/openvpn-install.sh b/openvpn-install.sh
index cee3e36..6080e71 100644
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@@ -462,7 +462,7 @@ cert server.crt
 key server.key
 tls-auth tls-auth.key 0
 dh dh.pem
-auth SHA256
+auth SHA512
 $CIPHER
 tls-server
 tls-version-min 1.2
@@ -579,7 +579,7 @@ nobind
 persist-key
 persist-tun
 remote-cert-tls server
-auth SHA256
+auth SHA512
 $CIPHER
 tls-client
 tls-version-min 1.2
From 3384d703d3198c13fb724e23ec0300e9538f9ebc Mon Sep 17 00:00:00 2001
From: _NSAKEY
Date: Wed, 22 Feb 2017 22:12:14 -0600
Subject: [PATCH 2/2] tls-cipher tweaking.
---
 openvpn-install.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/openvpn-install.sh b/openvpn-install.sh
index 6080e71..5f9f84b 100644
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@@ -466,7 +466,7 @@ auth SHA512
 $CIPHER
 tls-server
 tls-version-min 1.2
-tls-cipher TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
+tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
 status openvpn.log
 verb 3" >> /etc/openvpn/server.conf
@@ -583,7 +583,7 @@ auth SHA512
 $CIPHER
 tls-client
 tls-version-min 1.2
-tls-cipher TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
+tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA512
 setenv opt block-outside-dns
 verb 3" >> /etc/openvpn/client-template.txt
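Review bot: The client value added in the `@@ -583,7 +583,7 @@` hunk of PATCH 2/2, `tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA512`, does not match the `TLS-DHE-RSA-WITH-AES-256-GCM-SHA384` that the `@@ -466,7 +466,7 @@` hunk writes to server.conf. It is also not a defined TLS suite name, because the AES-256-GCM suites are paired with SHA384. Since `tls-cipher` is pinned to a single entry on each side, the two ends share no suite, so the control-channel handshake for profiles generated from this template would be expected to fail. The client line should read `tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384`. The quoted string that is appended to client-template.txt starts outside the hunk.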