Latest IPFire Hardened Linux Firewall Distro Release Future-Proofs VPN Cryptography
The biggest changes in this new IPFire hardened Linux firewall release are the improvements the development team added around the VPN (Virtual Private Network) implementation offered within the distribution in an attempt to future-proof VPN cryptography.
More specifically, IPFire 2.27 Core Update 172 updates the key lengths of root CA (Certificate Authority) certificates for both IPsec and OpenVPN VPN clients/peers from 2048 bit to 4096 bit RSA, due to the fact that 2048 bit encryption is no longer recommended by security experts for long-term security purposes. Also updated to 4096 bit RSA encryption is the key pair generated for IPFire’s web interface.