04-29-2008
How to disable encryption below 128 bit in Websphere ?
Hi,
Hi I have setup Websphere Portal and Apache server on Solaris.
The problem is that clients are allowed to negotiate lower encryption levels and by default the Websphere Apache HTTP server accepts 56-bit keys (your Firefox client requested 256-bit AES below).
So How to disable encryption below 128 bit ?
Please help
Neelesh
7 More Discussions You Might Find Interesting
1. Cybersecurity
Hi there,,
I am trying to access to one of the sites on the net but am not able to coz it gives an error saying
" The page must be viewed with a high-security Web browser"Upgrade your Web browser to the 128-bit version. "
I use IE.v6.0
kindly tell me how can i access to... (3 Replies)
Discussion started by: vicious3126
3 Replies
2. UNIX for Dummies Questions & Answers
My dilemma,
I need to send, deemed confidential, information via e-mail (SMTP). This information is sitting as a file on AIX. Typically I can send this data as a e-mail attachment via what we term a "mail filter" using telnet. I now would like to somehow encrypt the data and send it to a e-mail... (1 Reply)
Discussion started by: hugow
1 Replies
3. Cybersecurity
Hello,
I recently had a Retina scan of my system and there are some findings I do not understand.
SSL Week Cipher Strength Supported - Retina has detected that the targeted SSL Service supports a cryptographically weak cipher strength... Disable ciphers that support less than 128-bit... (4 Replies)
Discussion started by: stringman
4 Replies
4. Red Hat
Hi all Expertise,
I have following issue to solve,
SSL / TLS Renegotiation DoS (low) 222.225.12.13
Ease of Exploitation Moderate
Port 443/tcp
Family Miscellaneous
Following is the problem description:------------------
Description The remote service encrypts traffic using TLS / SSL and... (2 Replies)
Discussion started by: manalisharmabe
2 Replies
5. Cybersecurity
Hi all,
I'm looking for secure file encryption tools that use MAC address as encryption key. FYI, I'm using Red Hat Enterprise Linux OS.
For example: when A wants to send file to B
A will encrypt the file with B's computer MAC/IP address as an encryption key
This file can only be decrypted... (2 Replies)
Discussion started by: sergionicosta
2 Replies
6. AIX
Received a vulnerability - SSH INSECURE HMAC ALGORITHMS ENABLED.
The solution was to Disable any 96-bit HMAC Algorithms. Disable any MD5-based HMAC Algorithms.
Can someone please tell me how to disable in AIX 5.3?
Thanks,
Sudo (1 Reply)
Discussion started by: sudo su
1 Replies
7. Solaris
Hi All
Is any one know how to diable CBC mode cipher encryption along with MD5 & 96 bit MAC algorithm in solaris 10.
Regards (4 Replies)
Discussion started by: amity
4 Replies
LEARN ABOUT PHP
fs_setcrypt
FS_SETCRYPT(1) AFS Command Reference FS_SETCRYPT(1)
NAME
fs_setcrypt - Enables of disables the encryption of AFS file transfers
SYNOPSIS
fs setcrypt [-crypt] <on/off> [-help]
DESCRIPTION
The fs setcrypt command sets the status of network traffic encryption for file traffic in the AFS client. This encryption applies to file
traffic going to and coming from the AFS File Server for users with valid tokens. This command does not control the encryption used for
authentication, which uses Kerberos 5 or klog/kaserver. The complement of this command is fs getcrypt, which shows the status of encryption
on the client.
The default encryption status is enabled.
This is a global setting and applies to all subsequent connections to an AFS File Server from this Cache Manager. There is no way to enable
or disable encryption for specific connections.
CAUTIONS
AFS uses an encryption scheme called fcrypt, based on but slightly weaker than DES, and there is currently no way to specify a different
encryption mechanism. Because fcrypt and DES are obsolete, the user must decide how much to trust the encryption. Consider using a Virtual
Private Network at the IP level if better encryption is needed.
Encrypting file traffic requires a token. Unauthenticated connections or connections authorized via IP-based ACLs will not be encrypted
even when encryption is turned on.
OPTIONS
-crypt <on/off>
This is the only option to fs setcrypt. The -crypt option takes either "on" or "off". "on" enables encryption. "off" disables
encryption. Since this is the only option, the "-crypt" flag may be omitted.
0 and 1 or "true" and "false" are not supported as replacements for "on" and "off".
-help
Prints the online help for this command. All other valid options are ignored.
OUTPUT
This command produces no output other than error messages.
EXAMPLES
There are only four ways to invoke fs setcrypt. Either of:
% fs setcrypt -crypt on
% fs setcrypt on
will enable encryption for authenticated connections and:
% fs setcrypt -crypt off
% fs setcrypt off
will disable encryption.
PRIVILEGE REQUIRED
The issuer must be logged in as the local superuser root.
SEE ALSO
fs_getcrypt(1)
The description of the fcrypt encryption mechanism at http://surfvi.com/~ota/fcrypt-paper.txt <http://surfvi.com/~ota/fcrypt-paper.txt>.
COPYRIGHT
Copyright 2007 Jason Edgecombe <jason@rampaginggeek.com>
This documentation is covered by the BSD License as written in the doc/LICENSE file. This man page was written by Jason Edgecombe for
OpenAFS.
OpenAFS 2012-03-26 FS_SETCRYPT(1)