How to verify the usage of dhaparameters configuration from command-line?

Asked Jun 11 '15 at 22:28

Active Jun 11 '15 at 22:28

Viewed 170 times

Although Qualys will happily do it for Internet-reachable systems, some of ours are on private networks. I'd like to be able to verify them all remotely.

Is there a "quick" recipe -- something based on openssl s_client perhaps, that will report the use of 2048-bit dhparams (or lack thereof)? Thank you!

asked Jun 11 '15 at 22:28

Mikhail T.

You can use nmap to check for various cipher suites. [Here is a link](https://danielmiessler.com/blog/check-logjam-nmap/) to a guide on how to check for logjam using nmap. – JekwA Jun 11 '15 at 22:56
3

Dupe of http://security.stackexchange.com/questions/89773/how-to-check-if-a-server-is-not-vulnerable-to-logjam and http://superuser.com/questions/905557/openssl-display-dh-parameters . Summary: use openssl **1.0.2** s_client. – dave_thompson_085 Jun 12 '15 at 01:16

How to verify the usage of dhaparameters configuration from command-line?

0 Answers0