[PATCH] Set SSL options for increased security

Fordnate12 / shellinabox

Automatically exported from code.google.com/p/shellinabox

Other

0 stars 0 forks source link

[PATCH] Set SSL options for increased security #215

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago

Disable SSLv2 and compression; generate a new DH key during each handshake; 
always start a new session on server renegotiation; set a strong cipher list.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>

Original issue reported on code.google.com by andersk@mit.edu on 3 Jan 2013 at 9:03

Attachments:

ssl-options.patch

GoogleCodeExporter commented 8 years ago

Update to also disable SSLv3, and generate new ECDH keys during each handshake.

Original comment by andersk@mit.edu on 18 Oct 2014 at 12:30

Attachments:

ssl-options.patch