Hi,
just asking if anyone has an idea? :)
Regards,
Guy
Guy Foetz schrieb am Freitag, 9. Oktober 2020 um 12:07:20 UTC+2:
> Hi,
>
> I want to set the TlsCipherList on the clients and servers to a more
> secure setting like:
>
>
> ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305
> :ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
>
> but is I put the parameter in the Client or Director section on the client
> instance, nothing changes, in the debug log I see no change to be done to
> the TLS settings but i the code I see that if we set a cipher list we
> should get a least a debug message:
>
> void TlsOpenSsl::SetCipherList(const std::string& cipherlist)
> {
> Dmsg1(100, "Set cipherlist:\t<%s>\n", cipherlist.c_str());
> d_->cipherlist_ = cipherlist;
> }
>
> Filedeamon:
>
> FileDaemon {
> Name = "name-fd"
> MaximumConcurrentJobs = 20
> TlsCipherList = "
> ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305
> :ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"
>
>
> }
>
> Does someone know what we are doing wrong?
>
> Regards,
>
> Guy
>
>
>
--
You received this message because you are subscribed to the Google Groups
"bareos-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/bareos-users/9b30935c-117d-4ea5-aaf8-d1c5979d4751n%40googlegroups.com.
