version 1.35, 2016/07/19 20:02:47 |
version 1.36, 2016/07/20 14:42:03 |
|
|
The same as |
The same as |
.Fl extensions . |
.Fl extensions . |
.El |
.El |
.\" |
|
.\" CIPHERS |
|
.\" |
|
.Sh CIPHERS |
.Sh CIPHERS |
.Nm openssl ciphers |
.Nm openssl ciphers |
.Op Fl hVv |
.Op Fl hVv |
|
|
The |
The |
.Nm ciphers |
.Nm ciphers |
command converts |
command converts |
.Nm OpenSSL |
.Nm openssl |
cipher lists into ordered SSL cipher preference lists. |
cipher lists into ordered SSL cipher preference lists. |
It can be used as a test tool to determine the appropriate cipherlist. |
It can be used as a test tool to determine the appropriate cipherlist. |
.Pp |
.Pp |
|
|
.It Fl tls1 |
.It Fl tls1 |
Only include TLS v1 ciphers. |
Only include TLS v1 ciphers. |
.It Fl V |
.It Fl V |
Like |
Verbose. |
.Fl v , |
|
but include cipher suite codes in output (hex format). |
|
.It Fl v |
|
Verbose option. |
|
List ciphers with a complete description of protocol version, |
List ciphers with a complete description of protocol version, |
key exchange, authentication, encryption and mac algorithms used along with |
key exchange, authentication, encryption and mac algorithms, |
any key size restrictions. |
any key size restrictions, |
Note that without the |
and cipher suite codes (hex format). |
.Fl v |
.It Fl v |
option, ciphers may seem to appear twice in a cipher list. |
Like |
|
.Fl V , |
|
but without cipher suite codes. |
.It Ar cipherlist |
.It Ar cipherlist |
A cipher list to convert to a cipher preference list. |
A cipher list to convert to a cipher preference list. |
If it is not included, the default cipher list will be used. |
If it is not included, the default cipher list will be used. |
The format is described below. |
.Pp |
.El |
The cipher list consists of one or more cipher strings |
.Sh CIPHERS LIST FORMAT |
|
The cipher list consists of one or more |
|
.Em cipher strings |
|
separated by colons. |
separated by colons. |
Commas or spaces are also acceptable separators, but colons are normally used. |
Commas or spaces are also acceptable separators, but colons are normally used. |
.Pp |
.Pp |
The actual |
The actual cipher string can take several different forms: |
.Em cipher string |
|
can take several different forms: |
|
.Pp |
.Pp |
It can consist of a single cipher suite such as |
It can consist of a single cipher suite, such as RC4-SHA. |
.Em RC4-SHA . |
|
.Pp |
.Pp |
It can represent a list of cipher suites containing a certain algorithm, |
It can represent a list of cipher suites containing a certain algorithm, |
or cipher suites of a certain type. |
or cipher suites of a certain type. |
For example |
For example SHA1 represents all cipher suites using the digest algorithm SHA1. |
.Em SHA1 |
|
represents all cipher suites using the digest algorithm SHA1. |
|
.Pp |
.Pp |
Lists of cipher suites can be combined in a single |
Lists of cipher suites can be combined in a single cipher string using the |
.Em cipher string |
|
using the |
|
.Sq + |
.Sq + |
character. |
character |
This is used as a logical |
(logical AND operation). |
.Em and |
For example, SHA1+DES represents all cipher suites |
operation. |
containing the SHA1 and DES algorithms. |
For example, |
|
.Em SHA1+DES |
|
represents all cipher suites containing the SHA1 and the DES algorithms. |
|
.Pp |
.Pp |
Each cipher string can be optionally preceded by the characters |
Each cipher string can be optionally preceded by the characters |
.Sq \&! , |
.Sq \&! , |
.Sq - , |
.Sq - , |
or |
or |
.Sq + . |
.Sq + . |
.Pp |
|
If |
If |
.Sq !\& |
.Sq !\& |
is used, then the ciphers are permanently deleted from the list. |
is used, then the ciphers are permanently deleted from the list. |
The ciphers deleted can never reappear in the list even if they are |
The ciphers deleted can never reappear in the list even if they are |
explicitly stated. |
explicitly stated. |
.Pp |
|
If |
If |
.Sq - |
.Sq - |
is used, then the ciphers are deleted from the list, but some or |
is used, then the ciphers are deleted from the list, but some or |
all of the ciphers can be added again by later options. |
all of the ciphers can be added again by later options. |
.Pp |
|
If |
If |
.Sq + |
.Sq + |
is used, then the ciphers are moved to the end of the list. |
is used, then the ciphers are moved to the end of the list. |
|
|
that is, they will not be moved to the end of the list. |
that is, they will not be moved to the end of the list. |
.Pp |
.Pp |
Additionally, the cipher string |
Additionally, the cipher string |
.Em @STRENGTH |
.Cm @STRENGTH |
can be used at any point to sort the current cipher list in order of |
can be used at any point to sort the current cipher list in order of |
encryption algorithm key length. |
encryption algorithm key length. |
.Sh CIPHERS STRINGS |
.El |
|
.Pp |
The following is a list of all permitted cipher strings and their meanings. |
The following is a list of all permitted cipher strings and their meanings. |
.Bl -tag -width "XXXX" |
.Bl -tag -width "XXXX" |
.It Ar DEFAULT |
.It Cm DEFAULT |
The default cipher list. |
The default cipher list. |
This is determined at compile time and is currently |
This is determined at compile time and is currently |
.Ar ALL:!aNULL:!eNULL:!SSLv2 . |
.Cm ALL:!aNULL:!eNULL:!SSLv2 . |
This must be the first |
This must be the first cipher string specified. |
.Ar cipher string |
.It Cm COMPLEMENTOFDEFAULT |
specified. |
|
.It Ar COMPLEMENTOFDEFAULT |
|
The ciphers included in |
The ciphers included in |
.Ar ALL , |
.Cm ALL , |
but not enabled by default. |
but not enabled by default. |
Currently this is |
Currently this is |
.Ar ADH . |
.Cm ADH . |
Note that this rule does not cover |
Note that this rule does not cover |
.Ar eNULL , |
.Cm eNULL , |
which is not included by |
which is not included by |
.Ar ALL |
.Cm ALL |
(use |
(use |
.Ar COMPLEMENTOFALL |
.Cm COMPLEMENTOFALL |
if necessary). |
if necessary). |
.It Ar ALL |
.It Cm ALL |
All cipher suites except the |
All cipher suites except the |
.Ar eNULL |
.Cm eNULL |
ciphers which must be explicitly enabled. |
ciphers, which must be explicitly enabled. |
.It Ar COMPLEMENTOFALL |
.It Cm COMPLEMENTOFALL |
The cipher suites not enabled by |
The cipher suites not enabled by |
.Ar ALL , |
.Cm ALL , |
currently being |
currently being |
.Ar eNULL . |
.Cm eNULL . |
.It Ar HIGH |
.It Cm HIGH |
.Qq High |
.Qq High |
encryption cipher suites. |
encryption cipher suites. |
This currently means those with key lengths larger than 128 bits. |
This currently means those with key lengths larger than 128 bits. |
.It Ar MEDIUM |
.It Cm MEDIUM |
.Qq Medium |
.Qq Medium |
encryption cipher suites, currently those using 128-bit encryption. |
encryption cipher suites, currently those using 128-bit encryption. |
.It Ar LOW |
.It Cm LOW |
.Qq Low |
.Qq Low |
encryption cipher suites, currently those using 64- or 56-bit encryption |
encryption cipher suites, currently those using 64- or 56-bit encryption |
algorithms. |
algorithms. |
.It Ar eNULL , NULL |
.It Cm eNULL , NULL |
The |
The |
.Qq NULL |
.Qq NULL |
ciphers; that is, those offering no encryption. |
ciphers; that is, those offering no encryption. |
Because these offer no encryption at all and are a security risk, |
Because these offer no encryption at all and are a security risk, |
they are disabled unless explicitly included. |
they are disabled unless explicitly included. |
.It Ar aNULL |
.It Cm aNULL |
The cipher suites offering no authentication. |
The cipher suites offering no authentication. |
This is currently the anonymous DH algorithms. |
This is currently the anonymous DH algorithms. |
These cipher suites are vulnerable to a |
These cipher suites are vulnerable to a |
.Qq man in the middle |
.Qq man in the middle |
attack, so their use is normally discouraged. |
attack, so their use is normally discouraged. |
.It Ar kRSA , RSA |
.It Cm kRSA , RSA |
Cipher suites using RSA key exchange. |
Cipher suites using RSA key exchange. |
.It Ar kEDH |
.It Cm kEDH |
Cipher suites using ephemeral DH key agreement. |
Cipher suites using ephemeral DH key agreement. |
.It Ar aRSA |
.It Cm aRSA |
Cipher suites using RSA authentication, i.e. the certificates carry RSA keys. |
Cipher suites using RSA authentication, i.e. the certificates carry RSA keys. |
.It Ar aDSS , DSS |
.It Cm aDSS , DSS |
Cipher suites using DSS authentication, i.e. the certificates carry DSS keys. |
Cipher suites using DSS authentication, i.e. the certificates carry DSS keys. |
.It Ar TLSv1 |
.It Cm TLSv1 |
TLS v1.0 cipher suites. |
TLS v1.0 cipher suites. |
.It Ar DH |
.It Cm DH |
Cipher suites using DH, including anonymous DH. |
Cipher suites using DH, including anonymous DH. |
.It Ar ADH |
.It Cm ADH |
Anonymous DH cipher suites. |
Anonymous DH cipher suites. |
.It Ar AES |
.It Cm AES |
Cipher suites using AES. |
Cipher suites using AES. |
.It Ar 3DES |
.It Cm 3DES |
Cipher suites using triple DES. |
Cipher suites using triple DES. |
.It Ar DES |
.It Cm DES |
Cipher suites using DES |
Cipher suites using DES |
.Pq not triple DES . |
.Pq not triple DES . |
.It Ar RC4 |
.It Cm RC4 |
Cipher suites using RC4. |
Cipher suites using RC4. |
.It Ar CAMELLIA |
.It Cm CAMELLIA |
Cipher suites using Camellia. |
Cipher suites using Camellia. |
.It Ar CHACHA20 |
.It Cm CHACHA20 |
Cipher suites using ChaCha20. |
Cipher suites using ChaCha20. |
.It Ar IDEA |
.It Cm IDEA |
Cipher suites using IDEA. |
Cipher suites using IDEA. |
.It Ar MD5 |
.It Cm MD5 |
Cipher suites using MD5. |
Cipher suites using MD5. |
.It Ar SHA1 , SHA |
.It Cm SHA1 , SHA |
Cipher suites using SHA1. |
Cipher suites using SHA1. |
.El |
.El |
.Sh CIPHERS EXAMPLES |
|
Verbose listing of all |
|
.Nm OpenSSL |
|
ciphers including NULL ciphers: |
|
.Pp |
|
.Dl $ openssl ciphers -v 'ALL:eNULL' |
|
.Pp |
|
Include all ciphers except NULL and anonymous DH then sort by |
|
strength: |
|
.Pp |
|
.Dl $ openssl ciphers -v 'ALL:!ADH:@STRENGTH' |
|
.Pp |
|
Include only 3DES ciphers and then place RSA ciphers last: |
|
.Pp |
|
.Dl $ openssl ciphers -v '3DES:+RSA' |
|
.Pp |
|
Include all RC4 ciphers but leave out those without authentication: |
|
.Pp |
|
.Dl $ openssl ciphers -v 'RC4:!COMPLEMENTOFDEFAULT' |
|
.Pp |
|
Include all ciphers with RSA authentication but leave out ciphers without |
|
encryption: |
|
.Pp |
|
.Dl $ openssl ciphers -v 'RSA:!COMPLEMENTOFALL' |
|
.\" |
.\" |
.\" CRL |
.\" CRL |
.\" |
.\" |