et al,
What is the best method for specyfing a cipher list to the nodejs
configurable proxy? I noted that jupyterhub proxy.py script invokes the proxy
and it appears to parse the /jupyter_hub.config file for related ssl parameters
and invoke them if present. At this point, I can only add a ciphers list via:
cmd = self.command + [
'--ip', public_server.ip,
'--port', str(public_server.port),
'--api-ip', api_server.ip,
'--api-port', str(api_server.port),
'--error-target', url_path_join(self.hub.url, 'error'),
'--ssl-ciphers',
'EDH+aRSA+AESGCM:EDH+aRSA+AES:EECDH+aRSA+AESGCM:EECDH+aRSA+AES:-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:RSA+AESGCM:RSA+AES+SHA256:RSA+AES+SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA'
It would preferable to have this passed from the jupyterhub_config file, ala,
c.JupyterHub.ssl_ciphers =
'EDH+aRSA+AESGCM:EDH+aRSA+AES:EECDH+aRSA+AESGCM:EECDH+aRSA+AES:-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:RSA+AESGCM:RSA+AES+SHA256:RSA+AES+SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA'
and have the proxy.py script parse it out, via:
if self.ssl_ciphers:
cmd.extend(['--ssl-ciphers','EDH+aRSA+AESGCM:EDH+aRSA+AES:EECDH+aRSA+AESGCM:EECDH+aRSA+AES:-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:RSA+AESGCM:RSA+AES+SHA256:RSA+AES+SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA'])
I did try this -- but was unsuccessful (to date).
Still, am I missing something obvious that more reliably survive a code update?
Thanks!
ROhn
---
Rohn J. Wood, MPA, Contractor
Senior Systems Engineer, Unix System Administrator Consultant
Global Biomedical Research Support Program (GBRSP/OCICB)
NIAID\NIH\DHHS
Rocky Mountain Laboratories
Bldg. 28 Rm. 1B108A
903 S. 4th St.
Hamilton, MT 59840
406.363.9433 FAX: 406.363.9388
SRA International Inc, a CSRA company
******************************************************************
The information in this e-mail and any of its attachments is confidential and
may contain sensitive information. It should not be used by anyone who is not
the original intended recipient. If you have received this e-mail in error
please inform the sender and delete it from your mailbox or any other storage
devices. National Institute of Allergy and Infectious Diseases shall not accept
liability for any statements made that are sender's own and not expressly made
on behalf of the NIAID by one of its representatives.
******************************************************************
--
You received this message because you are subscribed to the Google Groups
"Project Jupyter" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/jupyter/BLUPR09MB0833B12A95610C710F97EA65E3250%40BLUPR09MB0833.namprd09.prod.outlook.com.
For more options, visit https://groups.google.com/d/optout.
