Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - alone_k1

#1
Tutorials and FAQs / how does config.xml file generate?
September 07, 2018, 02:37:51 PM
hi all, wanted to know how does config.xml file generate ?

in this address : /conf/config.xml

which command or file generates config.xml file ?
thanks
#2
hi, how can i disable and enable some of the ciphers that are supported by sshd ?
i edit this file:
vim /etc/ssh/sshd_config

and then restart the sshd
service openssh onerestart

and check for supported list of ciphers :
sshd -T | grep ciphers

but nothing changes , how i can change list of supported ciphers?
i asked it somewhere else in this forum too , im in a very hurry , can anyone help me ?
#3
does any one can help?
#4
is there any answere for this i'm in a hurry
#5
hi, how can i disable and enable some of the ciphers that are supported by sshd ?
i edit this file:
vim /etc/ssh/sshd_config

and then restart the sshd
service openssh onerestart

and check for supported list of ciphers :
sshd -T | grep ciphers

but nothing changes , how i can change list of supported ciphers?
#6
Quote from: cordel on August 12, 2018, 06:34:37 AM
Quote from: alone_k1 on August 11, 2018, 08:18:51 PM
trying to use SartTLS to see if it works or nor :|

You should check through all your steps, as I have working SSL and had no issue switching to StartTLS using OPNsense 18.7.

I have been personally using ldaps:// since OPNsense version 15 with no unexpected issues.

Make sure your client url is supported by your certificate on the server as the IP and/or url should be configured in alt names or else it will fail security checks.


cordel may you check your private messages please? i've sent you a private message asking about direct speaking, i need your help indeed ,
thanks
#7
thanks, i'll check the entire of process again, as i did it for 4-5 times before.
#8
honesty, OPNSense is full of un-patched bugs
#10
Quote from: alone_k1 on August 11, 2018, 08:18:51 PM
trying to use SartTLS to see if it works or nor :|


i followed the following configuration:
https://www.digitalocean.com/community/tutorials/how-to-encrypt-openldap-connections-using-starttls

but it dosen't work either :|||
#11
trying to use SartTLS to see if it works or nor :|
#12
i get the following error:


"LDAP bind error (Can't contact LDAP server)"

#13
Quote from: alone_k1 on August 09, 2018, 11:09:33 PM
thank for the answer, how i can trace the main cause of problem, any detailed log or something related ?
hi, thanks for the answer,
ldap.conf file is all commented with #, is this something normal :


#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

#BASE   dc=example,dc=com
#URI   ldap://ldap.example.com ldap://ldap-master.example.com:666

#SIZELIMIT   12
#TIMELIMIT   15
#DEREF      never
#14
thank for the answer, how i can trace the main cause of problem, any detailed log or something related ?
#15
no i set fallback as local system and i can login with root local-account, but i need to implement secure LDAP login.
PS:by default TCP-LDAP mode i can authorize and get access, but as i said, i need to implement in secure mode.