Displaying 20 results from an estimated 8000 matches similar to: "Impact of cipher and authentication to performance"
2005 Jun 30
1
Forcing tinc to use aes-128 cipher
I am trying to get tinc to use aes-128-cbc for it's encryption algorythm for network traffic. So far, I'm not having any luck. I've tried putting it into the tinc.conf
file, and it turns out that tinc is ignoring that code completely. I'm using tinc 1.0.4 (in TCP mode). Openssl version 0.9.7d. I've made some initial investigation
into the source, and in net_setup.c I
2014 Jan 07
1
max rsa key length, sym. cipher and digest recommendations ?
Hello,
I understand that I can use the openssl ciphers and digests available on
my systems, i.e. those in the list generated by "openssl
list-cipher-commands" and "openssl list-message-digest-algorithms".
I want to create a admin vpn network between my servers and my
workplace. Network throughput is not a big issue, I am using ssh and the
cli, however I would also do
2011 Aug 07
1
"Cipher = none" doesn't seem to be working properly
I have a simple pair of nodes set up, connected wirelessly, with tincd
1.0.16 running in switch mode. Setting Cipher and Digest to "none",
and Compression to 0, the bridge is still CPU-bound, with most of
tincd's CPU time spent in libcrypto. I narrowed it down to this line
in net_setup.c:
myself->connection->outcipher = EVP_bf_ofb();
It looks as though all outgoing data is
2004 Sep 09
2
Helping out?
Wow, three threads in two days, I promise to be less loquacious from now
on.
Anyways, I've decided to run CentOS over Whitebox on my firewall because
of the timeliness of updates. Is there some way I can assist in the
CentOS effort? It would be nice if there were a "wanted" section on
y'all's web site detailing ways to assist with CentOS, if any.
--Shawn
--
-- Shawn
2015 Apr 07
1
Tinc Cipher and Digest question
Hallo,
A question about the tinc Cipher= and Digest= values:
Do these values absolutely need to be identical on both "sides" for the
connection to work? Or does it only affect the outgoing side of the
packets but not the receive?
For example three nodes, two with ConnectTo= to Hub H, and on host A I
have a hosts/H and hosts/B entry with:
Cipher=blowfish
Digest=sha1
But on host B
2006 May 23
1
Ruby on Rails: Up and Running: Rough Cuts Version
Anyone read the rough cuts of this book? I''m interested in checking it
out because Bruce Tate''s work is always great. How does it compare to
the agile books (2nd edition) in terms of timeliness, difficulty, etc.
Thanks!
Nathan
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
2020 Apr 04
3
how to pick cipher for AES-NI enabled AMD GX-412TC SOC tincd at 100% CPU
Hello everybody,
First a big thanks for tinc-vpn I am still using it next to wireguard
and openvpn.
I am having a setup where the tinc debian appliance is at 100% cpu load
doing about 7.5MB/s.
Compression = 9
PMTU = 1400
PMTUDiscovery = yes
Cipher = aes-128-cbc
How can I pick a cipher that is the fasted for my CPU and don't create a
CPU bottleneck at 100%.
Kind regards,
Jelle de Jong
2012 Nov 16
2
[LLVMdev] code-owner sporks
<dag at cray.com> writes:
> Sean Silva <silvas at purdue.edu> writes:
>
>>> Really, patches get dropped *all the time* to the point where pings are
>>> a regular part of the development process. That's a huge waste of time
>>> for everyone.
>>
>> It's only a waste of time if your workflow is entirely synchronous
>> with patch
2018 May 23
1
Cipher=none seems to be not working
Hi,
i try to etablish unencrypted onnection and have in my config:
Cipher=aes
But this causes the following error:
2018-05-23 12:08:27 tinc.backbone[14746]: tincd 1.0.31 starting, debug level 5
2018-05-23 12:08:27 tinc.backbone[14746]: Got fatal signal 11 (Segmentation fault)
2018-05-23 12:08:27 tinc.backbone[14746]: Trying to re-execute in 5 seconds...
I have no idea what i'm doing
2012 Nov 16
0
[LLVMdev] code-owner sporks
> - I have to *remember* I submitted the patch (not hard, but it is a
> cost).
If you forgot, the chances are high that the patch was unimportant. I
do my development on local git branches, so every time I do `git
branch`, I'm reminded. There's really no overhead.
> - I have to save that e-mail from llvm-commits so I can refer to it when
> the inevitable ping is
2012 May 19
2
rsync over ssh with no cipher
>From what I can gather from googling, using rsync over ssh without a cipher is not possible since some changes to the openssh package. ?Is this true? ?I have been using a CPU friendly cipher but feel that it is best to use no cipher at all (secured network).
rsync -avxu --progress -e 'ssh -c arcfour128' /path/to/source/ user at server:/path/to/destination/
Thanks in advance!
2018 Apr 18
3
[PATCH] configure.ac/cipher.c: Check for OpenSSL with EVP_des_ede3_cbc
While compiling openssl with option `no-des', it caused the openssh
build failure
...
cipher.c:85:41: error: 'EVP_des_ede3_cbc' undeclared here (not in a function);
...
Signed-off-by: Hongxu Jia <hongxu.jia at windriver.com>
---
cipher.c | 2 ++
configure.ac | 20 ++++++++++++++++++++
2 files changed, 22 insertions(+)
diff --git a/cipher.c b/cipher.c
index
2019 Oct 28
3
changing cipher for imap clients
When my client connects, I see this in my log:
dovecot: imap-login: TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128
bits)
Whereas, when client connects to my postfix server, I see:
Anonymous TLS connection established from * TLSv1 with cipher
ECDHE-RSA-AES256-SHA (256/256 bits)
how can I tell dovecot to use AES256, instead of AES128 ?
is this set by ssl_cipher_list ? Here are my current
2007 Jan 05
1
No warning message is displayed for "none" cipher
Hello all,
I tried to connect to the server that supports protocol 1:
# ssh -1 -o "cipher none" remotehost
<No valid SSH1 cipher, using 3des instead>
As per the code in sshconnect1.c, it has to alert the user about "none" cipher usage.
try_challenge_response_authentication() {
....
if (options.cipher == SSH_CIPHER_NONE)
2016 Mar 12
3
Logging the TLS cipher suite
Hi,
could it be possible to log the TLS cipher suite as Postfix does?
This is a typical TLS Dovecot log line:
imap-login: Login: user=<user at acme.com>, method=DIGEST-MD5, rip=1.2.3.4,
lip=4.3.2.1, mpid=19671, TLS, session=<Jsvr46wt2c1ScQfY>
This is the Postfix equivalent
postfix/smtp[59723]: Anonymous TLS connection established to
mail.acmne.com[1.2.3.4]:25: TLSv1.2 with cipher
2007 Nov 24
1
enable none cipher
Hello,
Does anybody know how cam I enable the usage of the 'none' cipher in
OpenSSH 4.7
yours,
Mihai
2019 Aug 21
4
sometimes no shared cipher after upgrade from 2.2 to 2.3
We recently upgraded from dovecot 2.2 to 2.3.7.1-1
Not many, but some users are experiencing difficulties. The dovecot directors
log:
Aug 21 14:28:49 director01 dovecot: pop3-login: Disconnected (no auth attempts
in 0 secs): user=<>, rip=redacted, lip=10.0.0.120, TLS handshaking:
SSL_accept() failed: error:1408A0C1:SSL routines:ssl3_get_client_hello:no
shared cipher,
2019 Aug 21
2
sometimes no shared cipher after upgrade from 2.2 to 2.3
> SSL3 is no longer included in the cipher sets. Try this:
>
> ssl_min_protocol = SSLv3
Thanks. Unfortunately, no dice - same error.
Any other tips? I was under the impression "no shared cipher" was rather the
problem?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This
2007 Jul 09
1
The Camellia block cipher for OpenSSH 4.6p1.
Hi,
I implemented a patch for porting the Camellia block cipher to
one of the OpenSSH-usable cipher. Camellia is one of the approved
encryption methods of NESSIE and has specified in several RFCs.
I put the patch at:
http://www.is.titech.ac.jp/~yanagis0/text/camellia/openssh-4.6p1-0.2.patch
in http://www.is.titech.ac.jp/~yanagis0/text/camellia-e.html.
I hope you will enjoy this patch and
2003 Sep 18
1
[Bug 675] cipher.c error when building against openssl 0.9.5a on Mandrake 7.2
http://bugzilla.mindrot.org/show_bug.cgi?id=675
Summary: cipher.c error when building against openssl 0.9.5a on
Mandrake 7.2
Product: Portable OpenSSH
Version: 3.7.1p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Build system
AssignedTo: