[Operators] s2s connectivity to jabber.ru -- dh key too small
jonas at wielicki.name
Mon Aug 12 14:35:38 UTC 2019
On Sonntag, 11. August 2019 14:15:56 CEST Evgeny wrote:
> On Sun, Aug 11, 2019 at 2:51 PM, Jonas Schäfer <jonas at wielicki.name>
> > Thanks. I understand that jabber.ru tried to up their DH key size?
> > Apparently,
> > that did not work. I still see dh key size too small. I haven’t
> > figured out
> > how to get openssl to tell me the DH key size they actually use
> > though :(
> > I suspect they might not have reloaded things properly?
> Here is what `nmap` reports for jabber.ru (on direct TLS c2s port):
> Seems like DH key is 4096 in size. By the way it was 2048 prior to
> configuration change.
On s2s, testssl.sh (which I had to patch to support s2s) reports 1024 bits on
both IPs: https://paste.debian.net/hidden/97314aea/
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: This is a digitally signed message part.
More information about the Operators