ACIL FM
Dark
Refresh
Current DIR:
/usr/share/crypto-policies/policies
/
usr
share
crypto-policies
policies
Upload
Zip Selected
Delete Selected
Pilih semua
Nama
Ukuran
Permission
Aksi
modules
-
chmod
Open
Rename
Delete
DEFAULT.pol
2.55 MB
chmod
View
DL
Edit
Rename
Delete
EMPTY.pol
277 B
chmod
View
DL
Edit
Rename
Delete
FIPS.pol
2.12 MB
chmod
View
DL
Edit
Rename
Delete
FUTURE.pol
2.56 MB
chmod
View
DL
Edit
Rename
Delete
LEGACY.pol
2.71 MB
chmod
View
DL
Edit
Rename
Delete
Edit file: /usr/share/crypto-policies/policies/DEFAULT.pol
# A reasonable default for today's standards. # It should provide 112-bit security. # SHA1 is allowed in HMAC where collision resistance does not matter. # MACs: all HMAC with SHA1 or better + all modern MACs (Poly1305 etc) # Curves: all prime >= 255 bits (including Bernstein curves) # Signature algorithms: with SHA-224 hash or better (no DSA) # Ciphers: >= 128-bit key, >= 128-bit block (AES, ChaCha20) # key exchange: ECDHE, RSA, DHE (no DHE-DSS) # DH params size: >= 2048 # RSA params size: >= 2048 # TLS protocols: TLS >= 1.2, DTLS >= 1.2 mac = AEAD HMAC-SHA2-256 HMAC-SHA1 UMAC-128 HMAC-SHA2-384 HMAC-SHA2-512 mac@Kerberos = HMAC-SHA2-384 HMAC-SHA2-256 AEAD UMAC-128 HMAC-SHA2-512 HMAC-SHA1 group = X25519 SECP256R1 X448 SECP521R1 SECP384R1 \ FFDHE-2048 FFDHE-3072 FFDHE-4096 FFDHE-6144 FFDHE-8192 hash = SHA2-256 SHA2-384 SHA2-512 SHA3-256 SHA3-384 SHA3-512 SHA2-224 SHA3-224 \ SHAKE-256 hash@RPM = SHA1+ sign = ECDSA-SHA3-256 ECDSA-SHA2-256 ECDSA-SHA2-256-FIDO \ ECDSA-SHA3-384 ECDSA-SHA2-384 \ ECDSA-SHA3-512 ECDSA-SHA2-512 \ EDDSA-ED25519 EDDSA-ED25519-FIDO EDDSA-ED448 \ RSA-PSS-SHA3-256 RSA-PSS-SHA2-256 \ RSA-PSS-SHA3-384 RSA-PSS-SHA2-384 \ RSA-PSS-SHA3-512 RSA-PSS-SHA2-512 \ RSA-PSS-RSAE-SHA3-256 RSA-PSS-RSAE-SHA2-256 \ RSA-PSS-RSAE-SHA3-384 RSA-PSS-RSAE-SHA2-384 \ RSA-PSS-RSAE-SHA3-512 RSA-PSS-RSAE-SHA2-512 \ RSA-SHA3-256 RSA-SHA2-256 \ RSA-SHA3-384 RSA-SHA2-384 \ RSA-SHA3-512 RSA-SHA2-512 \ ECDSA-SHA2-224 RSA-PSS-SHA2-224 RSA-SHA2-224 \ ECDSA-SHA3-224 RSA-PSS-SHA3-224 RSA-SHA3-224 cipher = AES-256-GCM AES-256-CCM CHACHA20-POLY1305 \ AES-256-CTR AES-256-CBC \ AES-128-GCM AES-128-CCM \ AES-128-CTR AES-128-CBC cipher@TLS = AES-256-GCM AES-256-CCM CHACHA20-POLY1305 AES-256-CBC \ AES-128-GCM AES-128-CCM AES-128-CBC cipher@RPM = AES-256-CFB AES-256-GCM AES-256-OCB AES-256-EAX \ AES-128-CFB AES-128-GCM AES-128-OCB AES-128-EAX # CBC ciphers in SSH are considered vulnerable to plaintext recovery attacks # and disabled in client OpenSSH 7.6 (2017) and server OpenSSH 6.7 (2014). cipher@SSH = -*-CBC # 'RSA' is intentionally before DHE ciphersuites, as the DHE ciphersuites have # interoperability issues in TLS. key_exchange = ECDHE RSA DHE DHE-RSA PSK DHE-PSK ECDHE-PSK RSA-PSK ECDHE-GSS DHE-GSS protocol@TLS = TLS1.3 TLS1.2 DTLS1.2 protocol@IKE = IKEv2 # Parameter sizes min_dh_size = 2048 min_dsa_size = 2048 # DSA is disabled min_rsa_size = 2048 # GnuTLS only for now sha1_in_certs = 0 arbitrary_dh_groups = 1 ssh_certs = 1 etm@SSH = ANY
Simpan
Batal
Isi Zip:
Unzip
Create
Buat Folder
Buat File
Terminal / Execute
Run
Chmod Bulk
All File
All Folder
All File dan Folder
Apply