[EXTERNAL EMAIL]
Please report any suspicious attachments, links, or requests for sensitive
information.
Has anyone managed to get the TLS cipher suite settings available in DRAC
2.60.60.60 working? According to the documentation, any OpenSSL cipher
string should work, but none of the ones I have tried have changed offered
ciphers.
In addition, setting "TLS 1.2 only" doesn't seem to work; scanners show that
TLS 1.1 is still supported.
I tried the following cipher strings:
DHE-RSA-AES256-GCM-SHA384 (accepted by Web
I/F, but resulted in no changes to offered ciphers)
TLSv1.2
(Web IF won't accept it )
DRAC settings:
SSL Encryption: 256-bit of higher
TLS Protocol: TLS 1.2 Only
Custom Cipher String: DHE-RSA-AES256-SHA256
testssl.sh scan results showing TLS 1.1 and a bunch of ciphers I did not
specify:
TLS 1.1
x39 DHE-RSA-AES256-SHA DH 1024 AES 256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
x88 DHE-RSA-CAMELLIA256-SHA DH 1024 Camellia 256
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
x35 AES256-SHA RSA AES 256
TLS_RSA_WITH_AES_256_CBC_SHA
x84 CAMELLIA256-SHA RSA Camellia 256
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
TLS 1.2
x9f DHE-RSA-AES256-GCM-SHA384 DH 1024 AESGCM 256
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
x6b DHE-RSA-AES256-SHA256 DH 1024 AES 256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
x39 DHE-RSA-AES256-SHA DH 1024 AES 256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
x88 DHE-RSA-CAMELLIA256-SHA DH 1024 Camellia 256
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
x9d AES256-GCM-SHA384 RSA AESGCM 256
TLS_RSA_WITH_AES_256_GCM_SHA384
x3d AES256-SHA256 RSA AES 256
TLS_RSA_WITH_AES_256_CBC_SHA256
x35 AES256-SHA RSA AES 256
TLS_RSA_WITH_AES_256_CBC_SHA
x84 CAMELLIA256-SHA RSA Camellia 256
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
Documentation:
https://www.dell.com/support/manuals/us/en/04/poweredge-r420/idrac_2.60.60.6
0_ug_pub/configuring-cipher-suite-selection-using-idrac-web-interface?guid=g
uid-0329847b-9a9b-462b-b0f8-e38f0889e05c
<https://www.dell.com/support/manuals/us/en/04/poweredge-r420/idrac_2.60.60.
60_ug_pub/configuring-cipher-suite-selection-using-idrac-web-interface?guid=
guid-0329847b-9a9b-462b-b0f8-e38f0889e05c&lang=en-us> &lang=en-us
_______________________________________________
Linux-PowerEdge mailing list
[email protected]
https://lists.us.dell.com/mailman/listinfo/linux-poweredge