/mandos/trunk : revision 742

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-options.xml

Committer: Teddy Hogeborn
Date: 2015-03-10 18:03:38 UTC
Revision ID: teddy@recompile.se-20150310180338-pcxw6r2qmw9k6br9

Add ":!RSA" to GnuTLS priority string, to disallow non-DHE kx.

If Mandos was somehow made to use a non-ephemeral Diffie-Hellman key
exchange algorithm in the TLS handshake, any saved network traffic
could then be decrypted later if the Mandos client key was obtained.
By default, Mandos uses ephemeral DH key exchanges which does not have
this problem, but a non-ephemeral key exchange algorithm was still
enabled by default. The simplest solution is to simply turn that off,
which ensures that Mandos will always use ephemeral DH key exchanges.

There is a "PFS" priority string specifier, but we can't use it because:

1. Security-wise, it is a mix between "NORMAL" and "SECURE128" - it
enables a lot more algorithms than "SECURE256".

2. It is only available since GnuTLS 3.2.4.

Thanks to Andreas Fischer <af@bantuX.org> for reporting this issue.

files added:
DBUS-API

dbus-mandos.conf

debian/mandos-client.examples

debian/source

debian/source/format

debian/source/local-options

debian/upstream

debian/upstream/signing-key.asc

initramfs-unpack

intro.xml

mandos-ctl.xml

mandos-monitor

mandos-monitor.xml

mandos.service

network-hooks.d

network-hooks.d/bridge

network-hooks.d/bridge.conf

network-hooks.d/openvpn

network-hooks.d/openvpn.conf

network-hooks.d/wireless

network-hooks.d/wireless.conf

plugins.d/plymouth.c

plugins.d/plymouth.xml

files modified:
.bzrignore

INSTALL

Makefile

NEWS

README

TODO

clients.conf

common.ent

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.postinst

debian/mandos.prerm

debian/rules

debian/watch

init.d-mandos

initramfs-tools-hook

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.xml

plugin-runner.c

plugin-runner.conf

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

mandos-options.xml

<emphasis>not</emphasis> run in debug mode.

</para>

GnuTLS priority string for the <acronym>TLS</acronym> handshake.

The default is <quote><literal

>SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:!RSA</literal>

<literal>:+SIGN-RSA-SHA224:+SIGN-RSA-RMD160</literal></quote>.

See <citerefentry><refentrytitle

>gnutls_priority_init</refentrytitle>

<manvolnum>3</manvolnum></citerefentry> for the syntax.

<emphasis>Warning</emphasis>: changing this may make the

<acronym>TLS</acronym> handshake fail, making server-client

communication impossible. Changing this option may also make the

network traffic decryptable by an attacker.

</para>

GnuTLS priority string for the <acronym>TLS</acronym> handshake.

The default is <quote><literal

>SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP</literal></quote>. See

<citerefentry><refentrytitle>gnutls_priority_init</refentrytitle>

>SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:!RSA</literal></quote>.

See <citerefentry><refentrytitle

>gnutls_priority_init</refentrytitle>

<manvolnum>3</manvolnum></citerefentry> for the syntax.

<emphasis>Warning</emphasis>: changing this may make the

<acronym>TLS</acronym> handshake fail, making server-client

communication impossible.

communication impossible. Changing this option may also make the

network traffic decryptable by an attacker.

</para>

102

advanced users should consider changing this option</emphasis>.

103

</para>

104

105

106

This option controls whether the server will restore its state

107

from the last time it ran. Default is to restore last state.

108

</para>

109

110

111

Directory to save (and restore) state in. Default is

112

<quote><filename

113

class="directory">/var/lib/mandos</filename></quote>.

114

</para>

115

116

117

If this option is used, the server will not create a new network

118

socket, but will instead use the supplied file descriptor. By

119

default, the server will create a new network socket.

120

</para>

121

122

123

This option will make the server run in the foreground and not

124

write a PID file. The default is to <emphasis>not</emphasis> run

125

in the foreground, except in <option>debug</option> mode, which

126

implies this option.

127

</para>

128

129

130

This option controls whether the server will announce its

131

existence using Zeroconf. Default is to use Zeroconf. If

132

Zeroconf is not used, a <option>port</option> number or a

133

<option>socket</option> is required.

134

</para>

135

136

</section>

Older »