[Samba] samba tls protocols and ciphers change how?
L.P.H. van Belle
belle at bazuin.nl
Mon Nov 21 14:31:17 UTC 2016
Im upping my servers with security setting.
Now i noticed that even some sites/tools say its ok, but its really not ok.
So Im looking for the ciphers list for samba or how can i display them.
and i want to set the cipher list and order like the example below.
Is this possible with samba?
Anyone who can point me to the right direction?
I did google .. and i getting only old/very old results. :-((
Also, very offtopic, but very usefull..
A few sites also you can check with.
cli tool, very handy.
https://cipherli.st/ from this site an improved apache (2.4.17+ ) line there.
SSLCipherSuite "ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-RSA-CHACHA20-POLY1305 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-ECDSA-AES128-SHA256 ECDHE-RSA-AES128-SHA256 DES-CBC3-SHA AES128-SHA AES128-SHA256 HIGH !DHE-RSA-CAMELLIA256-SHA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4 !AES128 !CAMELLIA128 !AES256-SHA256 !AES256-SHA !CAMELLIA256-SHA !AES256-GCM-SHA384
More information about the samba