[clug] Crypto debugging
Simon Oxwell
soxwell at gmail.com
Mon Jan 31 11:01:18 UTC 2022
Testssl.sh might fit the bill?
https://github.com/drwetter/testssl.sh
Simon
On Mon, 31 Jan 2022, 21:50 Tony Lewis via linux, <linux at lists.samba.org>
wrote:
> I'm working in a constrained environment (limited ability to get hands
> on keyboard or install stuff) and I need to figure out the simplest way
> to be able to run scans to tell me what versions of SSL/TLS, and what
> ciphers, including weak ones, are running on other boxes in that
> environment.
>
> I've considered:
>
> * running openssl s_client:
> o decent versions have weak ciphers disabled at compile time, so
> out of the box it doesn't help much
> * compiling openssl with weak ciphers included
> o I've limited experience recompiling on this platform but could
> look into it
> * installing and running openvas
> o this will change the environment a bit, including adding
> repositories so was hoping to avoid
> o also, no experience, so there is a learning curve
>
> Can anyone suggest a tool that can do this with a minimum of effort and
> change to the environment. Ideally I can just run it and point it at an
> ip:port and get a summary of the certificate, protocol and ciphers offered.
>
> Thanks,
>
> Tony
>
> --
> linux mailing list
> linux at lists.samba.org
> https://lists.samba.org/mailman/listinfo/linux
>
More information about the linux
mailing list