Ilya Shipitsin

icon indicating an email [email protected]

icon location tox:7DABD06D229180D12281EE6F3252143CD5659F266BD77B4FA258AADCB0A6EC41A937C1D3835A

Results 613 comments of Ilya Shipitsin

SSL error in softether

it would speed up things. here's my ssh key ``` ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnriy2JJVpymOhWu7xhVFONqQU40elnY5+uiAF2NwDnjGItK31JARfc6bzT1QIpclbgD79hKVoxY7+OLCU5O414sqc7a9O2pvBiXd+m+HsCuloEFneU+400m5fGSUrG2A5W9IPKQppCL10ws9y0mscBgyFgP2LE8OjXyTGD3lyVGVONpGGdcSAv7TlKZ5YhGtdm2tiQ+lja0S1lk+zriPLqct65kQEZC4E6HaA5Qc5FTMkk9367M0nqVChL24FuOT79sZgwjwyFyK4OTzn+hSKJQt7TPVj2XTXVpku8onjFU4/mmqdHBQdd6Ia/acg3ydr9yv+NGFZtAy8jHiB037X imported-openssh-key ``` other details please send to `[email protected]` also, it would be nice to understand what is allowed...

SSL error in softether

@bobyturk privately provided an access to several servers, on neither of them problem was reproduced. only on one server where 4.x was installed, but we've no idea what to do...

SSL error in softether

so far, we have some repro on some servers,

SSL error in softether

so far, literally following suggestion `The specified SSL certificate is a sub-certificate which was issued by a CA (Certificate Authority).\r\n\r\nIf you are planning to support either Microsoft SSTP or OpenVPN...

haproxy built against aws-lc

not sure what is "officially recommended", but it is one of the [supported](https://github.com/haproxy/wiki/wiki/SSL-Libraries-Support-Status) ssl libs. more details: this lib supports QUIC and is actively maintained by aws. what are criteria...

haproxy built against aws-lc

it was discussed [many times](https://github.com/haproxy/haproxy/issues/2645#issuecomment-2233639463) stock openssl is way slow and does not support QUIC.. aws-lc seem to be the best alternative currently

VPNCMD command ServerCertSet does not allow to specify the password for the private key file (LOADKEY param)

SE itself stores certificates and keys unencrypted. No much sense to decrypt and store unencrypted. But we welcome pull requests On Tue, Dec 17, 2024, 01:17 Federico Di Marco ***@***.***>...

Add reverse-proxy to SoftEther VPN Server for normal HTTPS & web browsers

I do not want to ruin your enthusiasm. Unfortunately, someone has to write code. Just opening an issue likely will not help On Sun, Sep 8, 2024, 23:09 Meunier ***@***.***>...

IKEv1 vulnerable to amplification attack?

you are reporting commit hash from 2019. in https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-j35p-p8pj-vqxq is resolved some amplification. as for "deprecation of IKEv1", currently it is the only implemented protocol. if you do not like...

IKEv1 vulnerable to amplification attack?

answering direct question "IKEv1 vulnerable to amplification attack?" - yes, implementations prior to https://github.com/SoftEtherVPN/SoftEtherVPN/commit/c2a7aa548137dc80c6aafdc645cf4dc34e0dc764 are vulnerable