[clug] Crypto debugging
Tony Lewis
tony at lewistribe.com
Mon Jan 31 11:42:53 UTC 2022
Impressive tool. I'll see whether there's access to github.
Thanks
On 31/1/22 10:01 pm, Simon Oxwell wrote:
> Testssl.sh might fit the bill?
>
> https://github.com/drwetter/testssl.sh
> <https://github.com/drwetter/testssl.sh>
>
>
> Simon
>
> On Mon, 31 Jan 2022, 21:50 Tony Lewis via linux,
> <linux at lists.samba.org <mailto:linux at lists.samba.org>> wrote:
>
> I'm working in a constrained environment (limited ability to get
> hands
> on keyboard or install stuff) and I need to figure out the
> simplest way
> to be able to run scans to tell me what versions of SSL/TLS, and what
> ciphers, including weak ones, are running on other boxes in that
> environment.
>
> I've considered:
>
> * running openssl s_client:
> o decent versions have weak ciphers disabled at compile time, so
> out of the box it doesn't help much
> * compiling openssl with weak ciphers included
> o I've limited experience recompiling on this platform but could
> look into it
> * installing and running openvas
> o this will change the environment a bit, including adding
> repositories so was hoping to avoid
> o also, no experience, so there is a learning curve
>
> Can anyone suggest a tool that can do this with a minimum of
> effort and
> change to the environment. Ideally I can just run it and point it
> at an
> ip:port and get a summary of the certificate, protocol and ciphers
> offered.
>
> Thanks,
>
> Tony
>
> --
> linux mailing list
> linux at lists.samba.org <mailto:linux at lists.samba.org>
> https://lists.samba.org/mailman/listinfo/linux
> <https://lists.samba.org/mailman/listinfo/linux>
>
More information about the linux
mailing list