https://git.zx2c4.com Ubuntu trusty cipher compatibility
Svend Sorensen
svend at svends.net
Wed Aug 30 04:06:11 CEST 2017
The ciphers used by https://git.zx2c4.com are not compatible with
Ubuntu trusty's git/gnutls. Since this is the version of Ubuntu run by
the Melpa Emacs package archive (https://melpa.org/), the
password-store Emacs package is not getting updated there. The
discussion with the Melpa team about the issue is here:
https://github.com/melpa/melpa/issues/4892
Would it be possible to enable one of the ciphers that Ubuntu trusty
supports?
A list of supported ciphers, obtained by running the following docker
command, is at the end of this email.
docker run -it ubuntu:trusty /bin/bash -c "apt-get update && apt-get
install -y gnutls-bin && gnutls-cli -l"
Svend
Cipher suites:
TLS_ANON_DH_ARCFOUR_MD5 0x00, 0x18
SSL3.0
TLS_ANON_DH_3DES_EDE_CBC_SHA1 0x00, 0x1b
SSL3.0
TLS_ANON_DH_AES_128_CBC_SHA1 0x00, 0x34
SSL3.0
TLS_ANON_DH_AES_256_CBC_SHA1 0x00, 0x3a
SSL3.0
TLS_ANON_DH_CAMELLIA_128_CBC_SHA1 0x00, 0x46
TLS1.0
TLS_ANON_DH_CAMELLIA_256_CBC_SHA1 0x00, 0x89
TLS1.0
TLS_ANON_DH_AES_128_CBC_SHA256 0x00, 0x6c
TLS1.2
TLS_ANON_DH_AES_256_CBC_SHA256 0x00, 0x6d
TLS1.2
TLS_PSK_SHA_ARCFOUR_SHA1 0x00, 0x8a
TLS1.0
TLS_PSK_SHA_3DES_EDE_CBC_SHA1 0x00, 0x8b
TLS1.0
TLS_PSK_SHA_AES_128_CBC_SHA1 0x00, 0x8c
TLS1.0
TLS_PSK_SHA_AES_256_CBC_SHA1 0x00, 0x8d
TLS1.0
TLS_DHE_PSK_SHA_ARCFOUR_SHA1 0x00, 0x8e
TLS1.0
TLS_DHE_PSK_SHA_3DES_EDE_CBC_SHA1 0x00, 0x8f
TLS1.0
TLS_DHE_PSK_SHA_AES_128_CBC_SHA1 0x00, 0x90
TLS1.0
TLS_DHE_PSK_SHA_AES_256_CBC_SHA1 0x00, 0x91
TLS1.0
TLS_SRP_SHA_3DES_EDE_CBC_SHA1 0xc0, 0x1a
TLS1.0
TLS_SRP_SHA_AES_128_CBC_SHA1 0xc0, 0x1d
TLS1.0
TLS_SRP_SHA_AES_256_CBC_SHA1 0xc0, 0x20
TLS1.0
TLS_SRP_SHA_DSS_3DES_EDE_CBC_SHA1 0xc0, 0x1c
TLS1.0
TLS_SRP_SHA_RSA_3DES_EDE_CBC_SHA1 0xc0, 0x1b
TLS1.0
TLS_SRP_SHA_DSS_AES_128_CBC_SHA1 0xc0, 0x1f
TLS1.0
TLS_SRP_SHA_RSA_AES_128_CBC_SHA1 0xc0, 0x1e
TLS1.0
TLS_SRP_SHA_DSS_AES_256_CBC_SHA1 0xc0, 0x22
TLS1.0
TLS_SRP_SHA_RSA_AES_256_CBC_SHA1 0xc0, 0x21
TLS1.0
TLS_DHE_DSS_ARCFOUR_SHA1 0x00, 0x66
TLS1.0
TLS_DHE_DSS_3DES_EDE_CBC_SHA1 0x00, 0x13
SSL3.0
TLS_DHE_DSS_AES_128_CBC_SHA1 0x00, 0x32
SSL3.0
TLS_DHE_DSS_AES_256_CBC_SHA1 0x00, 0x38
SSL3.0
TLS_DHE_DSS_CAMELLIA_128_CBC_SHA1 0x00, 0x44
TLS1.0
TLS_DHE_DSS_CAMELLIA_256_CBC_SHA1 0x00, 0x87
TLS1.0
TLS_DHE_DSS_AES_128_CBC_SHA256 0x00, 0x40
TLS1.2
TLS_DHE_DSS_AES_256_CBC_SHA256 0x00, 0x6a
TLS1.2
TLS_DHE_RSA_3DES_EDE_CBC_SHA1 0x00, 0x16
SSL3.0
TLS_DHE_RSA_AES_128_CBC_SHA1 0x00, 0x33
SSL3.0
TLS_DHE_RSA_AES_256_CBC_SHA1 0x00, 0x39
SSL3.0
TLS_DHE_RSA_CAMELLIA_128_CBC_SHA1 0x00, 0x45
TLS1.0
TLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 0x00, 0x88
TLS1.0
TLS_DHE_RSA_AES_128_CBC_SHA256 0x00, 0x67
TLS1.2
TLS_DHE_RSA_AES_256_CBC_SHA256 0x00, 0x6b
TLS1.2
TLS_RSA_NULL_MD5 0x00, 0x01
SSL3.0
TLS_RSA_NULL_SHA1 0x00, 0x02
SSL3.0
TLS_RSA_NULL_SHA256 0x00, 0x3b
TLS1.2
TLS_RSA_EXPORT_ARCFOUR_40_MD5 0x00, 0x03
SSL3.0
TLS_RSA_ARCFOUR_SHA1 0x00, 0x05
SSL3.0
TLS_RSA_ARCFOUR_MD5 0x00, 0x04
SSL3.0
TLS_RSA_3DES_EDE_CBC_SHA1 0x00, 0x0a
SSL3.0
TLS_RSA_AES_128_CBC_SHA1 0x00, 0x2f
SSL3.0
TLS_RSA_AES_256_CBC_SHA1 0x00, 0x35
SSL3.0
TLS_RSA_CAMELLIA_128_CBC_SHA1 0x00, 0x41
TLS1.0
TLS_RSA_CAMELLIA_256_CBC_SHA1 0x00, 0x84
TLS1.0
TLS_RSA_AES_128_CBC_SHA256 0x00, 0x3c
TLS1.2
TLS_RSA_AES_256_CBC_SHA256 0x00, 0x3d
TLS1.2
Certificate types: CTYPE-X.509, CTYPE-OPENPGP
Protocols: VERS-SSL3.0, VERS-TLS1.0, VERS-TLS1.1, VERS-TLS1.2
Ciphers: AES-256-CBC, AES-128-CBC, 3DES-CBC, DES-CBC, ARCFOUR-128,
ARCFOUR-40, RC2-40, CAMELLIA-256-CBC, CAMELLIA-128-CBC, NULL
MACs: SHA1, MD5, SHA256, SHA384, SHA512, MD2, RIPEMD160, MAC-NULL
Key exchange algorithms: ANON-DH, RSA, RSA-EXPORT, DHE-RSA, DHE-DSS,
SRP-DSS, SRP-RSA, SRP, PSK, DHE-PSK
Compression: COMP-DEFLATE, COMP-NULL
Public Key Systems: RSA, DSA
PK-signatures: SIGN-RSA-SHA1, SIGN-RSA-SHA224, SIGN-RSA-SHA256,
SIGN-RSA-SHA384, SIGN-RSA-SHA512, SIGN-RSA-RMD160, SIGN-DSA-SHA1,
SIGN-DSA-SHA224, SIGN-DSA-SHA256, SIGN-RSA-MD5, SIGN-RSA-MD2
More information about the Password-Store
mailing list