similar to: AES256 encryption in Samba 4

Hi, When I run 'samba-tool domain exportkeytab', I found the exported keytab file include arcfour-hmac-md5, aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96, des-cbc-md5, and des-cbc-crc. It seems that modify /etc/krb5.conf no help. My DC running with samba 4.1.13, and the server role is active directory domain controller. Thanks, Dongsheng

On Sun, Dec 28, 2014 at 2:29 PM, Andrew Bartlett <abartlet at samba.org> wrote: > On Mon, 2014-12-22 at 16:34 +0800, Dongsheng Song wrote: >> Hi, >> >> When I run 'samba-tool domain exportkeytab', I found the exported >> keytab file include arcfour-hmac-md5, aes256-cts-hmac-sha1-96, >> aes128-cts-hmac-sha1-96, des-cbc-md5, and des-cbc-crc. It seems

Does anyone knows which one is the strongest and which is the fastest encryption algorithms used in OpenSSH 3.7.1p2 from the list below aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, arcfour, aes192-cbc, aes256-cbc, rijndael-cbc at lysator.liu.se, aes128-ctr, aes192-ctr, aes256-ctr Strong Encryption OpenSSH supports 3DES, Blowfish, AES and arcfour as encryption algorithms. These are patent

http://bugzilla.mindrot.org/show_bug.cgi?id=1291 Summary: aes256-ctr, aes192-ctr, arcfour256 broken with OpenSSL 0.9.8e Product: Portable OpenSSH Version: 4.5p1 Platform: All OS/Version: All Status: NEW Severity: minor Priority: P2 Component: sshd AssignedTo: bitbucket at

I have been reading up on TLS and Dovecot and came across this URL: https://www.weakdh.org/sysadmin.html which recommended these settings for Dovecot. I would like to know if they are correct? Some much documentation on the web is pure garbage. Dovecot These changes should be made in /etc/dovecot.conf Cipher Suites

Hello all, as our Windows DCs will switch off DES encryption in the near future I have to change our Samba-Server to AES encryption. If I understand it correctly I have to change kerberos-configuration to new encryption type (aes256-cts-hmac-sha1-96) and then re-join my Samba-Server to the domain. Is this correct? Any other things to consider? Thanks a lot, Christian

Thanks for your reply; I used the defaults, both before and after the upgrade, cf. https://wiki2.dovecot.org/Upgrading/2.3 -> Setting default changes. The new defaults broke the connection. Jan > what are your settings? > > Mine are below and they work just fine: > > ssl_cipher_list = >

Am 11.06.20 um 18:08 schrieb @lbutlr: > On 10 Jun 2020, at 23:19, @lbutlr <kremels at kreme.com> wrote: >> On 10 Jun 2020, at 23:18, @lbutlr <kremels at kreme.com> wrote: >>> IF it?s not permissions you need to provide doveconf -n output. Bloglines for any fall, panic, or error level events at a minimum. >> >> Apologies, I did not see the attachments. Will

Hi all; I've upgraded a ring of dovecot directors from 2.2.15 to 2.2.36. After the upgrade I've got some instability: a few time per day per server, seemly at random, the auth process stop responding and the clients cannot authenticate any more: Sep 6 14:45:51 imap-front13 dovecot: pop3-login: Warning: Auth process not responding, delayed sending initial response (greeting):

On Thu, Mar 10, 2016 at 12:30 PM, Osiris <dovecot at flut.demon.nl> wrote: > On 09-03-16 13:14, djk wrote: >> On 09/03/16 10:44, Florent B wrote: >>> Hi, >>> >>> I don't see any SSL configuration option in Dovecot to disable >>> "Client-initiated secure renegotiation". >>> >>> It is advised to disable it as it can

Hi @all, after re-installing one of my two frontends/proxy-servers I get the following error messages after some time (sometimes after 1h, sometimes after 24h): 11:23:55 imap-login: Error: socketpair() failed: Too many open files 11:23:55 imap-login: Error: socketpair() failed: Too many open files 11:23:56 imap-login: Error: socketpair() failed: Too many open files 11:23:56 imap-login: Error:

I haven't done this on the old, working machine. So there must be a difference between Debian 7 and 9 how open files are handled? Regards Patrick Aki Tuomi schrieb: > You probably need to increase ulimit -n > > Aki > > > On 23.08.2017 14:10, Patrick Westenberg wrote: >> Hi @all, >> >> after re-installing one of my two frontends/proxy-servers I get

Hi Teemu, > Could you post your doveconf -n output? # 2.2.20.rc1 (ed41702f14c2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.10.rc1 # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.9 auth_mechanisms = plain login log_timestamp = "%Y-%m-%d %H:%M:%S " login_greeting = Ready. login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c %k mail_location =

Jan Vejvalka <jan.vejvalka at lfmotol.cuni.cz> writes: >> Mine are below and they work just fine: >> >> ssl_cipher_list = >>

Hi, To default dovecot.conf file I added (based on found documentation): ssl = required disable_plaintext_auth = yes #change default 'no' to 'yes' ssl_prefer_server_ciphers = yes ssl_options = no_compression ssl_dh_parameters_length = 2048 ssl_cipher_list =

Good Day, I have been following this tutorial without much luck - http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes#CA-26af2b83a43b8100522c57565773f605c21f2f27_1 It is obvious to me that I am not following the instructions correctly and need to be shown what I am misunderstanding. I have an old postfix + dovecot + Roundcube mailserver (mail.domain.Tld). Server clock is loosing time and

Hello, I have a new director ring I am setting up on centos 7 with dovecot 2.3.1. I haven't been able to replecate this in testing, but as soon as I start pushing production traffic to the new ring I see dozens of these in the logs: Apr 18 00:34:00 d.director.imapd.sonic.net kernel: imap-login[163107]: segfault at 10 ip 00007ff625698dd5sp 00007ffe4b77bb28 error 4 in

Thank You for answers. But: 1. How should be properly configured ssl_cipher_list? 2. Ok, removed !TLSv1 !TLSv1.1. 3. Strange thing with ssl_protocols and ssl_cipher_list, because on older server on Ubuntu 14.04 LTS, dovecot 2.2.9 and postfix 2.11.0 these two lines looks exactly this same and no errors in mail.err file and mailes works without any problem. 4. No, currently I don't use LMTP.

Am 17.12.2014 um 18:42 schrieb Les Mikesell <lesmikesell at gmail.com>: > On Wed, Dec 17, 2014 at 11:14 AM, Xinhuan Zheng > <xzheng at christianbook.com> wrote: >> I have a requirement that I need to use encryption technology to encrypt >> very large tar file on a daily basis. The tar file is over 250G size and >> those are data backup. Every night the server

converting the passwords in the database from clear/plain text to SHA512-CRYPT ------------ You have a good day now, en mag jou m?re ook so wees, Carl A Jeptha On 2016-04-29 15:02, Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Fri, 29 Apr 2016, Carl A Jeptha wrote: > >> Good Day, >> I have been following this tutorial without much