duraconf

duraconf copied to clipboard

Update sshd-pfs_config

1

Added more detail for a strong sshd_config file

rhyven

Added hardended SSH client preferences

2

There is already a hardened SSH server configuration file, but this new SSH client configuration file will make OpenSSH SSH client prefer stronger ciphers and MACs when the server in...

GigabyteProductions

More information about the Logjam attack here: https://weakdh.org/ And here are some information what to do as a server admin: https://weakdh.org/sysadmin.html

rugk

The README suggests it is possible to have Apache redirect users with insufficiently secure SSL/TLS stacks to some specific page indicating the problem. http://httpd.apache.org/docs/current/mod/mod_ssl.html#envvars describes the SSL related environmental variables...

jhmartin

gnupg 2.1

1

Seems gnupg 2.1 now uses dirmngr.conf according to https://sks-keyservers.net/overview-of-pools.php. I haven't managed to get the new configuration to work yet but wanted to point it out.

windowsrefund

e.g. from from https://stribika.github.io/2015/01/04/secure-secure-shell.html

muelli

https://twitter.com/ioerror/status/552441110719918080

stribika

Corrected docstring to mention that HSTS headers _are_ included, as well as some indentation cleanup.

yuvadm

pgr0ss

Enable TLSv1.1 and v1.2 in Postfix

2

The config before was fixed to TLSv1.0 see http://www.postfix.org/postconf.5.html#smtpd_tls_mandatory_protocols

t2d