thr3ads.net - samba - [Samba] samba tls protocols and ciphers change how? [Nov 2016]

If this information is useful, please help other people find it:
Share via:

L.P.H. van Belle

2016-Nov-21 14:31 UTC

[Samba] samba tls protocols and ciphers change how?

Hai, 

 

Im upping my servers with security setting. 

Now i noticed that even some sites/tools say its ok, but its really not ok. 

 

So Im looking for the ciphers list for samba or how can i display them. 

and i want to set the cipher list and order like the example below. 

Is this possible with samba?  

Anyone who can point me to the right direction? 

 

I did google .. and i getting only old/very old results.  :-(( 

 

Also, very offtopic, but very usefull..  

A few sites also you can check with. 

 

https://www.htbridge.com/ssl/

https://ssllabs.com 

https://tls.imirhil.fr 

https://securityheaders.io/

http://emailsecuritygrader.com/

 

cli tool, very handy. 

https://testssl.sh/

 

https://cipherli.st/  from this site an improved apache (2.4.17+ )  line there. 

SSLCipherSuite "ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-RSA-CHACHA20-POLY1305
ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-ECDSA-AES128-SHA256
ECDHE-RSA-AES128-SHA256 DES-CBC3-SHA AES128-SHA AES128-SHA256 HIGH
!DHE-RSA-CAMELLIA256-SHA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4
!AES128 !CAMELLIA128 !AES256-SHA256 !AES256-SHA !CAMELLIA256-SHA
!AES256-GCM-SHA384

 

 

Greetz, 

 

Louis

Seemingly Similar Threads

Search for more possibly parallel threads

samba - Nov 2016 - samba tls protocols and ciphers change how?

[Samba] samba tls protocols and ciphers change how?

Seemingly Similar Threads

Wisdom of the Ancients