46
46
<emphasis>not</emphasis> run in debug mode.
49
<para id="priority_compat">
50
GnuTLS priority string for the <acronym>TLS</acronym> handshake.
51
The default is <quote><literal
52
>SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:+SIGN-RSA-SHA224:</literal>
53
<literal>+SIGN-RSA-RMD160</literal></quote>.
54
See <citerefentry><refentrytitle
55
>gnutls_priority_init</refentrytitle>
56
<manvolnum>3</manvolnum></citerefentry> for the syntax.
57
<emphasis>Warning</emphasis>: changing this may make the
58
<acronym>TLS</acronym> handshake fail, making server-client
59
communication impossible.
49
62
<para id="priority">
50
63
GnuTLS priority string for the <acronym>TLS</acronym> handshake.
52
<!-- ​ is Unicode ZERO WIDTH SPACE; allows line breaks -->
53
<quote><literal>SECURE128​:!CTYPE-X.509​:+CTYPE-RAWPK​:!RSA​:!VERS-ALL​:+VERS-TLS1.3​:%PROFILE_ULTRA</literal></quote>
54
when using raw public keys in TLS, and
55
<quote><literal>SECURE256​:!CTYPE-X.509​:+CTYPE-OPENPGP​:!RSA​:+SIGN-DSA-SHA256</literal></quote>
56
when using OpenPGP keys in TLS,. See <citerefentry><refentrytitle
57
>gnutls_priority_init</refentrytitle>
64
The default is <quote><literal
65
>SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP</literal></quote>. See
66
<citerefentry><refentrytitle >gnutls_priority_init</refentrytitle>
58
67
<manvolnum>3</manvolnum></citerefentry> for the syntax.
59
68
<emphasis>Warning</emphasis>: changing this may make the
60
69
<acronym>TLS</acronym> handshake fail, making server-client
61
communication impossible. Changing this option may also make the
62
network traffic decryptable by an attacker.
70
communication impossible.
65
73
<para id="servicename">
115
123
implies this option.
119
This option controls whether the server will announce its
120
existence using Zeroconf. Default is to use Zeroconf. If
121
Zeroconf is not used, a <option>port</option> number or a
122
<option>socket</option> is required.
added
removed
mandos-options.xml
