[PVE-User] Diffie-Hellman vulnerability
w.bumiller at proxmox.com
Wed Oct 21 10:45:06 CEST 2015
As far as I can tell the most important part of this is that _clients_ reject DH
primes < 1024 bit, as a man-in-the-middle can downgrade the connection.
As for what the server supports, this mostly depends on the openssl packages
# openssl s_client -connect localhost:8006 -cipher EDH |& grep 'Server Temp Key'
Server Temp Key: DH, 1539 bits
Currently uses 1539 bits, so that should be good enough.
> On October 21, 2015 at 9:47 AM Karl Ståhl <karl.e.stahl at gmail.com> wrote:
> Is this vulnerability fixed for Proxmox web interface?
> pve-user mailing list
> pve-user at pve.proxmox.com
More information about the pve-user