Displaying 5 results from an estimated 5 matches for "crypto_policy".
2020 Oct 01
3
BUG: _presence_ of valid openssl.cnf Option = 'ServerPreference' causes Dovecot submission relay FAIL: "failed: Failed to initialize SSL: ..."
hi,
On 10/1/20 12:21 AM, JEAN-PAUL CHAPALAIN wrote:
> I had the same problem when migrating from Dovecot V2.2.36 on, Centos-7 to?Dovecot v2.3.8 on Centos-8
My report is specifically/solely about the addition/use of the
Options = ServerPreference
parameter.
I don't see that in your configuration.
Are you using it? In a config using Dovecot's submission proxy?
2020 Oct 01
0
BUG: _presence_ of valid openssl.cnf Option = 'ServerPreference' causes Dovecot submission relay FAIL: "failed: Failed to initialize SSL: ..."
Hi,
In my Centos-8 server, it was not necessary using "Options =
ServerPreference" parameter.
My openssl.conf look like that :
openssl_conf = default_modules
[ default_modules ]
ssl_conf = ssl_module
[ ssl_module ]
system_default = crypto_policy
[ crypto_policy ]
*.include /etc/crypto-policies/back-ends/opensslcnf.config*
And /etc/crypto-policies/back-ends/opensslcnf.config :
CipherString =
@SECLEVEL=2:kEECDH:kRSA:kEDH:kPSK:kDHEPSK:kECDHEPSK:-aDSS:-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8
Ciphers...
2021 Jul 25
8
[Bug 3331] New: Issues with man pages
https://bugzilla.mindrot.org/show_bug.cgi?id=3331
Bug ID: 3331
Summary: Issues with man pages
Product: Portable OpenSSH
Version: 8.4p1
Hardware: Other
OS: All
Status: NEW
Severity: minor
Priority: P5
Component: Documentation
Assignee: unassigned-bugs at mindrot.org
2019 Oct 17
2
DSA key not accepted on CentOS even after enabling
...h-rsa,ssh-rsa-cert-v01 at openssh.com
So I found the unit file for sshd that refers
to /etc/crypto-policies/back-ends/opensshserver.config
In the mean time I was able to reach my target going and editing the
/etc/sysconfig/sshd file adding the whole line obtained from the above and
adding ssh-dss
CRYPTO_POLICY='-oCiphers=aes256-gcm at openssh.com,
chacha20-poly1305 at openssh.com,aes256-ctr,aes256-cbc,aes128-gcm at openssh.com,aes128-ctr,aes128-cbc
-oMACs=hmac-sha2-256-etm at openssh.com,hmac-sha1-etm at openssh.com,
umac-128-etm at openssh.com,hmac-sha2-512-etm at openssh.com
,hmac-sha2-256,hmac-sha...
2019 Oct 17
0
DSA key not accepted on CentOS even after enabling
...t;
> So I found the unit file for sshd that refers
> to /etc/crypto-policies/back-ends/opensshserver.config
> In the mean time I was able to reach my target going and editing the
> /etc/sysconfig/sshd file adding the whole line obtained from the above and
> adding ssh-dss
>
> CRYPTO_POLICY='-oCiphers=aes256-gcm at openssh.com,
> chacha20-poly1305 at openssh.com,aes256-ctr,aes256-cbc,aes128-gcm at openssh.com,aes128-ctr,aes128-cbc
> -oMACs=hmac-sha2-256-etm at openssh.com,hmac-sha1-etm at openssh.com,
> umac-128-etm at openssh.com,hmac-sha2-512-etm at openssh.com
> ,hm...