Created
May 29, 2019 21:04
-
-
Save justinstoller/43cfe6e1d3c25362f27f18d156448348 to your computer and use it in GitHub Desktop.
fips stuff
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| tk-jetty9 justin (newjetty %) ‖ cat osx | |
| TLS_AES_128_GCM_SHA256 | |
| TLS_AES_256_GCM_SHA384 | |
| TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 | |
| TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 | |
| TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 | |
| TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 | |
| TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 | |
| TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 | |
| TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 | |
| TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 | |
| TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | |
| TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | |
| TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | |
| TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | |
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 | |
| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 | |
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 | |
| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 | |
| TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 | |
| TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 | |
| TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 | |
| TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 | |
| TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 | |
| TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 | |
| TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 | |
| tk-jetty9 justin (newjetty %) ‖ cat fips | |
| SSL_CK_DES_192_EDE3_CBC_WITH_SHA | |
| TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 | |
| TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 | |
| TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 | |
| TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 | |
| TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 | |
| TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 | |
| TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 | |
| TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 | |
| TLS_DH_DSS_WITH_AES_128_CBC_SHA256 | |
| TLS_DH_DSS_WITH_AES_128_GCM_SHA256 | |
| TLS_DH_DSS_WITH_AES_256_CBC_SHA256 | |
| TLS_DH_DSS_WITH_AES_256_GCM_SHA384 | |
| TLS_DH_RSA_WITH_AES_128_CBC_SHA256 | |
| TLS_DH_RSA_WITH_AES_128_GCM_SHA256 | |
| TLS_DH_RSA_WITH_AES_256_CBC_SHA256 | |
| TLS_DH_RSA_WITH_AES_256_GCM_SHA384 | |
| TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | |
| TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | |
| TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | |
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 | |
| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 | |
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 | |
| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 | |
| TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 | |
| TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 | |
| TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 | |
| TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 | |
| TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 | |
| TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 | |
| TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 | |
| TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 | |
| TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA | |
| tk-jetty9 justin (newjetty %) ‖ diff osx fips | |
| 1,2c1 | |
| < TLS_AES_128_GCM_SHA256 | |
| < TLS_AES_256_GCM_SHA384 | |
| --- | |
| > SSL_CK_DES_192_EDE3_CBC_WITH_SHA | |
| 11c10,17 | |
| < TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | |
| --- | |
| > TLS_DH_DSS_WITH_AES_128_CBC_SHA256 | |
| > TLS_DH_DSS_WITH_AES_128_GCM_SHA256 | |
| > TLS_DH_DSS_WITH_AES_256_CBC_SHA256 | |
| > TLS_DH_DSS_WITH_AES_256_GCM_SHA384 | |
| > TLS_DH_RSA_WITH_AES_128_CBC_SHA256 | |
| > TLS_DH_RSA_WITH_AES_128_GCM_SHA256 | |
| > TLS_DH_RSA_WITH_AES_256_CBC_SHA256 | |
| > TLS_DH_RSA_WITH_AES_256_GCM_SHA384 | |
| 21a28 | |
| > TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 | |
| 25a33 | |
| > TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| rroland@rroland-puppet:~/Documents$ floaty ssh redhat-fips-7-x86_64 | |
| Warning: Permanently added 'a7n2grtj1cp73pl.delivery.puppetlabs.net,10.16.114.120' (ECDSA) to the list of known hosts. | |
| [root@a7n2grtj1cp73pl ~]# OPENSSL_FIPS=1 openssl ciphers -v 'TLSv1.2:kRSA:!eNULL:!aNULL' | |
| ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD | |
| ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD | |
| ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384 | |
| ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384 | |
| DH-DSS-AES256-GCM-SHA384 TLSv1.2 Kx=DH/DSS Au=DH Enc=AESGCM(256) Mac=AEAD | |
| DHE-DSS-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=DSS Enc=AESGCM(256) Mac=AEAD | |
| DH-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH/RSA Au=DH Enc=AESGCM(256) Mac=AEAD | |
| DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD | |
| DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256 | |
| DHE-DSS-AES256-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=AES(256) Mac=SHA256 | |
| DH-RSA-AES256-SHA256 TLSv1.2 Kx=DH/RSA Au=DH Enc=AES(256) Mac=SHA256 | |
| DH-DSS-AES256-SHA256 TLSv1.2 Kx=DH/DSS Au=DH Enc=AES(256) Mac=SHA256 | |
| ECDH-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(256) Mac=AEAD | |
| ECDH-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(256) Mac=AEAD | |
| ECDH-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AES(256) Mac=SHA384 | |
| ECDH-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(256) Mac=SHA384 | |
| AES256-GCM-SHA384 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(256) Mac=AEAD | |
| AES256-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA256 | |
| ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD | |
| ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD | |
| ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256 | |
| ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256 | |
| DH-DSS-AES128-GCM-SHA256 TLSv1.2 Kx=DH/DSS Au=DH Enc=AESGCM(128) Mac=AEAD | |
| DHE-DSS-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=AESGCM(128) Mac=AEAD | |
| DH-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH/RSA Au=DH Enc=AESGCM(128) Mac=AEAD | |
| DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD | |
| DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) Mac=SHA256 | |
| DHE-DSS-AES128-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=AES(128) Mac=SHA256 | |
| DH-RSA-AES128-SHA256 TLSv1.2 Kx=DH/RSA Au=DH Enc=AES(128) Mac=SHA256 | |
| DH-DSS-AES128-SHA256 TLSv1.2 Kx=DH/DSS Au=DH Enc=AES(128) Mac=SHA256 | |
| ECDH-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(128) Mac=AEAD | |
| ECDH-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(128) Mac=AEAD | |
| ECDH-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AES(128) Mac=SHA256 | |
| ECDH-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(128) Mac=SHA256 | |
| AES128-GCM-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(128) Mac=AEAD | |
| AES128-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA256 | |
| AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1 | |
| AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1 | |
| DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment