Login or Register to Ask a Question and Join Our Community


AIX

How to disable encryption below 128 bit in Websphere ?

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems AIX How to disable encryption below 128 bit in Websphere ?
# 1  
Old 04-29-2008
How to disable encryption below 128 bit in Websphere ?
Hi,

Hi I have setup Websphere Portal and Apache server on Solaris.

The problem is that clients are allowed to negotiate lower encryption levels and by default the Websphere Apache HTTP server accepts 56-bit keys (your Firefox client requested 256-bit AES below).

So How to disable encryption below 128 bit ?

Please help
Neelesh
Login or Register to Ask a Question

Previous Thread | Next Thread

7 More Discussions You Might Find Interesting

1. Solaris

Need to disable CBC mode cipher encryption along with MD5 & 96 bit MAC algorithm

Hi All Is any one know how to diable CBC mode cipher encryption along with MD5 & 96 bit MAC algorithm in solaris 10. Regards (4 Replies)
Discussion started by: amity
4 Replies

2. AIX

Disable any 96-bit HMAC Algorithms

Received a vulnerability - SSH INSECURE HMAC ALGORITHMS ENABLED. The solution was to Disable any 96-bit HMAC Algorithms. Disable any MD5-based HMAC Algorithms. Can someone please tell me how to disable in AIX 5.3? Thanks, Sudo (1 Reply)
Discussion started by: sudo su
1 Replies

3. Cybersecurity

File encryption tools with MAC address as an encryption key

Hi all, I'm looking for secure file encryption tools that use MAC address as encryption key. FYI, I'm using Red Hat Enterprise Linux OS. For example: when A wants to send file to B A will encrypt the file with B's computer MAC/IP address as an encryption key This file can only be decrypted... (2 Replies)
Discussion started by: sergionicosta
2 Replies

4. Red Hat

SSL/TLS renegotiation DoS -how to disable? Is it advisable to disable?

Hi all Expertise, I have following issue to solve, SSL / TLS Renegotiation DoS (low) 222.225.12.13 Ease of Exploitation Moderate Port 443/tcp Family Miscellaneous Following is the problem description:------------------ Description The remote service encrypts traffic using TLS / SSL and... (2 Replies)
Discussion started by: manalisharmabe
2 Replies

5. Cybersecurity

How to Disable Ciphers and Reconfigure Encryption?

Hello, I recently had a Retina scan of my system and there are some findings I do not understand. SSL Week Cipher Strength Supported - Retina has detected that the targeted SSL Service supports a cryptographically weak cipher strength... Disable ciphers that support less than 128-bit... (4 Replies)
Discussion started by: stringman
4 Replies

6. UNIX for Dummies Questions & Answers

File encryption/Key encryption ????

My dilemma, I need to send, deemed confidential, information via e-mail (SMTP). This information is sitting as a file on AIX. Typically I can send this data as a e-mail attachment via what we term a "mail filter" using telnet. I now would like to somehow encrypt the data and send it to a e-mail... (1 Reply)
Discussion started by: hugow
1 Replies

7. Cybersecurity

128 bit encryption

Hi there,, I am trying to access to one of the sites on the net but am not able to coz it gives an error saying " The page must be viewed with a high-security Web browser"Upgrade your Web browser to the 128-bit version. " I use IE.v6.0 kindly tell me how can i access to... (3 Replies)
Discussion started by: vicious3126
3 Replies
Login or Register to Ask a Question

LEARN ABOUT PHP

fs_setcrypt

FS_SETCRYPT(1)						       AFS Command Reference						    FS_SETCRYPT(1)

NAME

       fs_setcrypt - Enables of disables the encryption of AFS file transfers

SYNOPSIS

       fs setcrypt [-crypt] <on/off> [-help]

DESCRIPTION

       The fs setcrypt command sets the status of network traffic encryption for file traffic in the AFS client. This encryption applies to file
       traffic going to and coming from the AFS File Server for users with valid tokens.  This command does not control the encryption used for
       authentication, which uses Kerberos 5 or klog/kaserver. The complement of this command is fs getcrypt, which shows the status of encryption
       on the client.

       The default encryption status is enabled.

       This is a global setting and applies to all subsequent connections to an AFS File Server from this Cache Manager. There is no way to enable
       or disable encryption for specific connections.

CAUTIONS

       AFS uses an encryption scheme called fcrypt, based on but slightly weaker than DES, and there is currently no way to specify a different
       encryption mechanism. Because fcrypt and DES are obsolete, the user must decide how much to trust the encryption. Consider using a Virtual
       Private Network at the IP level if better encryption is needed.

       Encrypting file traffic requires a token. Unauthenticated connections or connections authorized via IP-based ACLs will not be encrypted
       even when encryption is turned on.

OPTIONS

       -crypt <on/off>
	   This is the only option to fs setcrypt. The -crypt option takes either "on" or "off". "on" enables encryption. "off" disables
	   encryption. Since this is the only option, the "-crypt" flag may be omitted.

	   0 and 1 or "true" and "false" are not supported as replacements for "on" and "off".

       -help
	   Prints the online help for this command. All other valid options are ignored.

OUTPUT

       This command produces no output other than error messages.

EXAMPLES

       There are only four ways to invoke fs setcrypt.	Either of:

	  % fs setcrypt -crypt on
	  % fs setcrypt on

       will enable encryption for authenticated connections and:

	  % fs setcrypt -crypt off
	  % fs setcrypt off

       will disable encryption.

PRIVILEGE REQUIRED

       The issuer must be logged in as the local superuser root.

SEE ALSO

       fs_getcrypt(1)

       The description of the fcrypt encryption mechanism at http://surfvi.com/~ota/fcrypt-paper.txt <http://surfvi.com/~ota/fcrypt-paper.txt>.

COPYRIGHT

       Copyright 2007 Jason Edgecombe <jason@rampaginggeek.com>

       This documentation is covered by the BSD License as written in the doc/LICENSE file. This man page was written by Jason Edgecombe for
       OpenAFS.

OpenAFS 							    2012-03-26							    FS_SETCRYPT(1)