Hi, I have searched and not found waht tls versions are supported with samba 4.4.5 as AD. IS tls 1.2 supported with samba 4.4? If not what version? Thanks
On Tue, 16 Apr 2019 14:49:29 +0200 Trenta sis via samba <samba at lists.samba.org> wrote:> Hi, > > I have searched and not found waht tls versions are supported with > samba 4.4.5 as AD. IS tls 1.2 supported with samba 4.4? If not what > version? > > Thanks >That's easy, Samba no longer supports 4.4.x, so I would be more worried about that. Rowland
Hi, I know that is an old versions, but I need to know from what versions tls 1.2 is supported Thanks Missatge de Trenta sis <trenta.sis at gmail.com> del dia dt., 16 d’abr. 2019 a les 14:49:> > Hi, > > I have searched and not found waht tls versions are supported with > samba 4.4.5 as AD. IS tls 1.2 supported with samba 4.4? If not what > version? > > Thanks
I suggest have a look at this : (man smb.conf) and change to what your needs are. tls priority = NORMAL:-VERS-SSL3.0 https://gnutls.org/manual/html_node/Priority-Strings.html Look at : Table 6.6: More priority string keywords. So yes, 4.4.x supports TLS To consider for you system to test which version your system supports. GnuTLS 3.2.x or earlier. ? What are the needs of the clients? Then set the tls priority. I would preffer to use, but again, this depends on the needs of your lan/network/clients.. Etc. tls priority = SECURE128:+SECURE192+SECURE256:-VERS-ALL:+VERS-TLS1.2 Do note, above should work as of win7 and up. And check : https://testssl.sh/ You can use that one localy on you server. Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Trenta sis via samba > Verzonden: dinsdag 16 april 2019 15:09 > Aan: samba > Onderwerp: Re: [Samba] Samba supported TLS versions > > Hi, > > I know that is an old versions, but I need to know from what versions > tls 1.2 is supported > Thanks > > Missatge de Trenta sis <trenta.sis at gmail.com> del dia dt., 16 d’abr. > 2019 a les 14:49: > > > > Hi, > > > > I have searched and not found waht tls versions are supported with > > samba 4.4.5 as AD. IS tls 1.2 supported with samba 4.4? If not what > > version? > > > > Thanks > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >
On Tue, 16 Apr 2019 15:09:26 +0200 Trenta sis via samba <samba at lists.samba.org> wrote:> Hi, > > I know that is an old versions, but I need to know from what versions > tls 1.2 is supported > Thanks > > Missatge de Trenta sis <trenta.sis at gmail.com> del dia dt., 16 d’abr. > 2019 a les 14:49: > > > > Hi, > > > > I have searched and not found waht tls versions are supported with > > samba 4.4.5 as AD. IS tls 1.2 supported with samba 4.4? If not what > > version? > > > > Thanks >First, if possible, stop using 4.4.x Second, read this: https://wiki.samba.org/index.php/Samba_4.3_Features_added/changed#Configurable_TLS_protocol_support.2C_with_better_defaults Which shows that by default SSLv3 is disabled from 4.3.0 And read 'man smb.conf' which explains the 'tls priority' option Also read this: https://gnutls.org/manual/html_node/Priority-Strings.html Which shows what TLS options are supported. Rowland