How to control ciphers used by SSL?
Liam Proven
lproven at gmail.com
Wed Jan 22 18:06:27 UTC 2020
On Wed, 22 Jan 2020 at 18:44, stan <stanb at panix.com> wrote:
>
> I thnk we are dealing with OpenSSL, not Opnessh here. We are not ssh'ing
> in, we are using the API shich is on another port, 8427 if I recall
> coreclty.
Oh dear. That will teach me to read a question more carefully before
doing a hasty answer from work. Sorry.
I am not sure that you can individually manage or tweak protocol
versions, but I do not know for sure.
Also, AIUI there was a significant version upgrade after the famous Heartbleed:
https://en.wikipedia.org/wiki/Heartbleed
Do your older devices predate that?
If so, as per this answer:
https://askubuntu.com/questions/1059801/how-to-properly-downgrade-openssl-version-under-ubuntu-18-04?rq=1
I'd agree with the comment:
«
You should avoid attempting to downgrade OpenSSL, and use a VM or a
container with an older OS for things where you need to use the older
OpenSSL versions.
»
I.e. as per my older, albeit misguided, answer, try to isolate an
older LTS version of Ubuntu that works, and maybe run it in a
dedicated container -- LXD could be good for this, maybe -- just for
those devices.
--
Liam Proven - Profile: https://about.me/liamproven
Email: lproven at cix.co.uk - Google Mail/Hangouts/Plus: lproven at gmail.com
Twitter/Facebook/Flickr: lproven - Skype/LinkedIn: liamproven
UK: +44 7939-087884 - ČR (+ WhatsApp/Telegram/Signal): +420 702 829 053
More information about the ubuntu-users
mailing list