Re: [exim] Exim TLS security, DH and standard parameters

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Phil Pennock
Data:  
Para: exim-users
Asunto: Re: [exim] Exim TLS security, DH and standard parameters
In addition to Jeremy's reply:

On 2016-10-09 at 13:14 +0300, Lena@??? wrote:
> openssl dhparam -out /path/dhparam.pem 2236
> chown root:mail /path/dhparam.pem
> chmod 640 /path/dhparam.pem


`chmod 644` -- the parameters are public, sent to anyone who connects to
your server. Tightening the permissions and requiring accurate groups
just makes your life more intricate. Generate them, make them world
readable, use them.

-Phil