search for: camellia

http://bugzilla.mindrot.org/show_bug.cgi?id=1340 Summary: Support for Camellia block cipher to OpenSSH-portable. Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: Miscellaneous AssignedTo: bitbucket at mindr...

Hi, I implemented a patch for porting the Camellia block cipher to one of the OpenSSH-usable cipher. Camellia is one of the approved encryption methods of NESSIE and has specified in several RFCs. I put the patch at: http://www.is.titech.ac.jp/~yanagis0/text/camellia/openssh-4.6p1-0.2.patch in http://www.is.titech.ac.jp/~yanagis0/text/camellia-e.h...

...2-cfb aria-192-cfb1 aria-192-cfb8 aria-192-ctr aria-192-ecb aria-192-ofb aria-256-cbc aria-256-cfb aria-256-cfb1 aria-256-cfb8 aria-256-ctr aria-256-ecb aria-256-ofb base64 bf bf-cbc bf-cfb bf-ecb bf-ofb camellia-128-cbc camellia-128-ecb camellia-192-cbc camellia-192-ecb camellia-256-cbc camellia-256-ecb cast cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb des des-cbc des-cfb des-ecb des-ede des-ede-cbc des-ede-cfb des-...

I have also tested with 2.2.28 and this version has the same issue. The finding of compatible ciphers is not the problem because I have uncommented the ldap entrys: TLSCipherSuite SECURE128:-ARCFOUR-128:-CAMELLIA-128-CBC:-3DES-CBC:-CAMELLIA-128-GCM TLSProtocolMin 3.1 Maybe you have further ideas. Am 2017-03-20 17:42, schrieb Aki Tuomi: >> On March 20, 2017 at 5:28 PM info at gwarband.de wrote: >> >> >> Can sombody say something about this request? >> >> This...

...56-cts-hmac-sha1-96 aes256-cts AES-256 CTS mode with 96-bit SHA-1 HMAC aes128-cts-hmac-sha1-96 aes128-cts AES-128 CTS mode with 96-bit SHA-1 HMAC arcfour-hmac rc4-hmac arcfour-hmac-md5 RC4 with HMAC/MD5 arcfour-hmac-exp rc4-hmac-exp arcfour-hmac-md5-exp Exportable RC4 with HMAC/MD5 (weak) camellia256-cts-cmac camellia256-cts Camellia-256 CTS mode with CMAC camellia128-cts-cmac camellia128-cts Camellia-128 CTS mode with CMAC des The DES family: des-cbc-crc, des-cbc-md5, and des-cbc-md4 (weak) des3 The triple DES family: des3-cbc-sha1 aes The AES family: aes256-cts-hmac-sha1-96 and a...

> but i try to this command > > openssl s_client -connect mail.mydomain:pop3s -starttls imap > > it says CONNECTED and hang. second command is correct? Uh, "pop3s" != "imap", and IMAP/STARTTLS is not the same as IMAP/SSL (or whatever the hell the terminology is nowadays). If you're testing IMAP, try one or the other or both depending of how many flavours

...to/aegis128-aesni-asm.S | 6 +- crypto/aegis128l-aesni-asm.S | 8 +-- crypto/aegis256-aesni-asm.S | 6 +- crypto/aes-x86_64-asm_64.S | 45 ++++++++++------ crypto/aesni-intel_asm.S | 8 +-- crypto/aesni-intel_avx-x86_64.S | 3 - crypto/camellia-aesni-avx-asm_64.S | 42 +++++++-------- crypto/camellia-aesni-avx2-asm_64.S | 44 ++++++++-------- crypto/camellia-x86_64-asm_64.S | 8 +-- crypto/cast5-avx-x86_64-asm_64.S | 50 ++++++++++-------- crypto/cast6-avx-x86_64-asm_64.S | 44 +++++++++------- crypto/des3_ede-asm_64...

...to/aegis128-aesni-asm.S | 6 +- crypto/aegis128l-aesni-asm.S | 8 +-- crypto/aegis256-aesni-asm.S | 6 +- crypto/aes-x86_64-asm_64.S | 45 ++++++++++------ crypto/aesni-intel_asm.S | 8 +-- crypto/aesni-intel_avx-x86_64.S | 3 - crypto/camellia-aesni-avx-asm_64.S | 42 +++++++-------- crypto/camellia-aesni-avx2-asm_64.S | 44 ++++++++-------- crypto/camellia-x86_64-asm_64.S | 8 +-- crypto/cast5-avx-x86_64-asm_64.S | 50 ++++++++++-------- crypto/cast6-avx-x86_64-asm_64.S | 44 +++++++++------- crypto/des3_ede-asm_64...

...> aria-192-cfb8     aria-192-ctr      aria-192-ecb      aria-192-ofb > aria-256-cbc      aria-256-cfb      aria-256-cfb1     aria-256-cfb8 > aria-256-ctr      aria-256-ecb      aria-256-ofb      base64 > bf                bf-cbc            bf-cfb            bf-ecb > bf-ofb            camellia-128-cbc  camellia-128-ecb  camellia-192-cbc > camellia-192-ecb  camellia-256-cbc  camellia-256-ecb  cast > cast-cbc          cast5-cbc         cast5-cfb         cast5-ecb > cast5-ofb         des               des-cbc           des-cfb > des-ecb           des-ede           des-ede-cbc   ...

...ization range below the -2G memory limit. Signed-off-by: Thomas Garnier <thgarnie at google.com> --- arch/x86/crypto/aes-x86_64-asm_64.S | 45 ++++++++----- arch/x86/crypto/aesni-intel_asm.S | 14 ++-- arch/x86/crypto/aesni-intel_avx-x86_64.S | 6 +- arch/x86/crypto/camellia-aesni-avx-asm_64.S | 42 ++++++------ arch/x86/crypto/camellia-aesni-avx2-asm_64.S | 44 ++++++------- arch/x86/crypto/camellia-x86_64-asm_64.S | 8 ++- arch/x86/crypto/cast5-avx-x86_64-asm_64.S | 50 ++++++++------- arch/x86/crypto/cast6-avx-x86_64-asm_64.S | 44 +++++++------ arch/x86...

...t gwarband.de wrote: >> >> >> I have also tested with 2.2.28 and this version has the same issue. >> >> The finding of compatible ciphers is not the problem because I have >> uncommented the ldap entrys: >> TLSCipherSuite >> SECURE128:-ARCFOUR-128:-CAMELLIA-128-CBC:-3DES-CBC:-CAMELLIA-128-GCM >> TLSProtocolMin 3.1 >> >> Maybe you have further ideas. >> >> Am 2017-03-20 17:42, schrieb Aki Tuomi: >>>> On March 20, 2017 at 5:28 PM info at gwarband.de wrote: >>>> >>>> >>&...

...On Wed, Mar 04, 2015 at 06:13:31PM +0200, Adrian Minta wrote: >> Hello, >> about the CVE-2015-0204, in apache the following config seems to disable >> this vulnerability: >> SSLProtocol All -SSLv2 -SSLv3 >> SSLCipherSuite >> HIGH:MEDIUM:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4 >> >> Is something similar possible with dovecot ? > I use this with some succes: > > # dovecot has built-in protection against BEAST, therefore no need > # to remove -SSLv2-SHA1:-TLSv10-SHA1 > ssl_protocols = !SSLv2 !SSLv3 > ssl_cipher_list = ECDH...

Hello, about the CVE-2015-0204, in apache the following config seems to disable this vulnerability: SSLProtocol All -SSLv2 -SSLv3 SSLCipherSuite HIGH:MEDIUM:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4 Is something similar possible with dovecot ? If yes, what are the implications with old mail clients ? -- Best regards, Adrian Minta

Hi Richard, Thanks for your response, We have followed the steps mentioned in https://www.redhat.com/archives/libguestfs/2015-November/msg00015.html Now we are able to connect the V2V Conversion Server from Physical server after booting from livecd. Once ssh connection established, "Start Conversion" opens up another UI which has necessary info. of hardware (eg. CPU, RAM, HDD

...;>> I have also tested with 2.2.28 and this version has the same issue. >>>> >>>> The finding of compatible ciphers is not the problem because I have >>>> uncommented the ldap entrys: >>>> TLSCipherSuite >>>> SECURE128:-ARCFOUR-128:-CAMELLIA-128-CBC:-3DES-CBC:-CAMELLIA-128-GCM >>>> TLSProtocolMin 3.1 >>>> >>>> Maybe you have further ideas. >>>> >>>> Am 2017-03-20 17:42, schrieb Aki Tuomi: >>>>>> On March 20, 2017 at 5:28 PM info at gwarband.de wrot...

...e (which I didn't traced yet) I get annoying message: An error occurred while loading or saving configuration information for thunderbird. Some of your configuration settings may not work properly. =In the details section I get: Bad key or directory name: "/desktop/gnome/url-handlers/EDH+CAMELLIA/command": `+' is an invalid character in key/directory names Bad key or directory name: "/desktop/gnome/url-handlers/EDH+CAMELLIA/command": `+' is an invalid character in key/directory names Bad key or directory name: "/desktop/gnome/url-handlers/EDH+aRSA/command&quo...

...there should be much difference between EL7 and Fedora. This config gets my an A+ rating on the sslabs test: SSLEngine on SSLProtocol all -SSLv2 -SSLv3 SSLCipherSuite "EECDH+aRSA+AESGCM EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !aNULL !eNULL !LOW !MEDIUM !SEED !3DES !CAMELLIA !MD5 !EXP !PSK !SRP !DSS !RC4" <IfModule mod_headers.c> Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" </IfModule> https://www.ssllabs.com/ssltest/analyze.html?d=www.hogarthuk.com IIRC the Red Hat defaults are somewhat...

...715a2ac9ed7b8d5d14 With a more recent virt-v2v it will work fine, as in this example: $ virt-builder fedora-22 $ guestfish --ro -a fedora-22.img -i find /lib/modules | grep xz | head /4.0.4-301.fc22.x86_64/kernel/arch/x86/crypto/blowfish-x86_64.ko.xz /4.0.4-301.fc22.x86_64/kernel/arch/x86/crypto/camellia-aesni-avx-x86_64.ko.xz /4.0.4-301.fc22.x86_64/kernel/arch/x86/crypto/camellia-aesni-avx2.ko.xz /4.0.4-301.fc22.x86_64/kernel/arch/x86/crypto/camellia-x86_64.ko.xz /4.0.4-301.fc22.x86_64/kernel/arch/x86/crypto/cast5-avx-x86_64.ko.xz /4.0.4-301.fc22.x86_64/kernel/arch/x86/crypto/cast6-avx-x86_64.ko.x...

...C > > aes128-cts-hmac-sha1-96 aes128-cts AES-128 > CTS mode with 96-bit SHA-1 HMAC > > arcfour-hmac rc4-hmac arcfour-hmac-md5 > RC4 with HMAC/MD5 > > arcfour-hmac-exp rc4-hmac-exp arcfour-hmac-md5-exp > Exportable RC4 with HMAC/MD5 (weak) > > camellia256-cts-cmac camellia256-cts > Camellia-256 CTS mode with CMAC > > camellia128-cts-cmac camellia128-cts > Camellia-128 CTS mode with CMAC > > des > The DES family: des-cbc-crc, des-cbc-md5, and des-cbc-md4 (weak) > > des3 > The triple DES...

...| 6 +- > crypto/aegis128l-aesni-asm.S | 8 +-- > crypto/aegis256-aesni-asm.S | 6 +- > crypto/aes-x86_64-asm_64.S | 45 ++++++++++------ > crypto/aesni-intel_asm.S | 8 +-- > crypto/aesni-intel_avx-x86_64.S | 3 - > crypto/camellia-aesni-avx-asm_64.S | 42 +++++++-------- > crypto/camellia-aesni-avx2-asm_64.S | 44 ++++++++-------- > crypto/camellia-x86_64-asm_64.S | 8 +-- > crypto/cast5-avx-x86_64-asm_64.S | 50 ++++++++++-------- > crypto/cast6-avx-x86_64-asm_64.S | 44 +++++++++------- &gt...