F5 - Commande pour voir les ciphers client ou serveur par défaut
Alasta 13 Juillet 2015 f5 cli network F5
Description : Nous allons voir comment afficher les ciphers client et serveur.
Ciphers Client :
1 shell> tmm --clientciphers 'DEFAULT'
2 ID SUITE BITS PROT METHOD CIPHER MAC KEYX
3 0: 61 AES256-SHA256 256 TLS1.2 Native AES SHA256 RSA
4 1: 53 AES256-SHA 256 TLS1 Native AES SHA RSA
5 2: 53 AES256-SHA 256 TLS1.1 Native AES SHA RSA
6 3: 53 AES256-SHA 256 TLS1.2 Native AES SHA RSA
7 4: 53 AES256-SHA 256 DTLS1 Native AES SHA RSA
8 6: 47 AES128-SHA 128 TLS1 Native AES SHA RSA
9 7: 47 AES128-SHA 128 TLS1.1 Native AES SHA RSA
10 8: 47 AES128-SHA 128 TLS1.2 Native AES SHA RSA
11 9: 47 AES128-SHA 128 DTLS1 Native AES SHA RSA
12 10: 10 DES-CBC3-SHA 192 TLS1 Native DES SHA RSA
13 11: 10 DES-CBC3-SHA 192 TLS1.1 Native DES SHA RSA
14 12: 10 DES-CBC3-SHA 192 TLS1.2 Native DES SHA RSA
15 13: 10 DES-CBC3-SHA 192 DTLS1 Native DES SHA RSA
16 14: 5 RC4-SHA 128 TLS1 Native RC4 SHA RSA
17 15: 5 RC4-SHA 128 TLS1.1 Native RC4 SHA RSA
18 16: 5 RC4-SHA 128 TLS1.2 Native RC4 SHA RSA
19 17: 49192 ECDHE-RSA-AES256-SHA384 256 TLS1.2 Native AES SHA384 ECDHE_RSA
20 18: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1 Native AES SHA ECDHE_RSA
21 19: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.1 Native AES SHA ECDHE_RSA
22 20: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.2 Native AES SHA ECDHE_RSA
23 21: 49191 ECDHE-RSA-AES128-SHA256 128 TLS1.2 Native AES SHA256 ECDHE_RSA
24 22: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1 Native AES SHA ECDHE_RSA
25 23: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1.1 Native AES SHA ECDHE_RSA
26 24: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1.2 Native AES SHA ECDHE_RSA
27 25: 49170 ECDHE-RSA-DES-CBC3-SHA 192 TLS1 Native DES SHA ECDHE_RSA
28 26: 49170 ECDHE-RSA-DES-CBC3-SHA 192 TLS1.1 Native DES SHA ECDHE_RSA
29 27: 49170 ECDHE-RSA-DES-CBC3-SHA 192 TLS1.2 Native DES SHA ECDHE_RSA
MAJ du 2016-11-18 :
Spécifier une liste exhaustive :
1 shell> tmm --clientciphers 'TLSv1_2:!SHA:!RC4-MD5:!DHE-RSA-AES256-GCM-SHA384:!DHE-RSA-AES256-SHA256'
2 ID SUITE BITS PROT METHOD CIPHER MAC KEYX
3 0: 49200 ECDHE-RSA-AES256-GCM-SHA384 256 TLS1.2 Native AES-GCM SHA384 ECDHE_RSA
4 1: 49196 ECDHE-ECDSA-AES256-GCM-SHA384 256 TLS1.2 Native AES-GCM SHA384 ECDHE_ECDSA
5 2: 49192 ECDHE-RSA-AES256-SHA384 256 TLS1.2 Native AES SHA384 ECDHE_RSA
6 3: 49188 ECDHE-ECDSA-AES256-SHA384 256 TLS1.2 Native AES SHA384 ECDHE_ECDSA
7 4: 163 DHE-DSS-AES256-GCM-SHA384 256 TLS1.2 Native AES-GCM SHA384 DHE/DSS
8 5: 106 DHE-DSS-AES256-SHA256 256 TLS1.2 Native AES SHA256 DHE/DSS
9 6: 167 ADH-AES256-GCM-SHA384 256 TLS1.2 Native AES-GCM SHA384 ADH
10 7: 49202 ECDH-RSA-AES256-GCM-SHA384 256 TLS1.2 Native AES-GCM SHA384 ECDH_RSA
11 8: 49198 ECDH-ECDSA-AES256-GCM-SHA384 256 TLS1.2 Native AES-GCM SHA384 ECDH_ECDSA
12 9: 49194 ECDH-RSA-AES256-SHA384 256 TLS1.2 Native AES SHA384 ECDH_RSA
13 10: 49190 ECDH-ECDSA-AES256-SHA384 256 TLS1.2 Native AES SHA384 ECDH_ECDSA
14 11: 157 AES256-GCM-SHA384 256 TLS1.2 Native AES-GCM SHA384 RSA
15 12: 61 AES256-SHA256 256 TLS1.2 Native AES SHA256 RSA
16 13: 49199 ECDHE-RSA-AES128-GCM-SHA256 128 TLS1.2 Native AES-GCM SHA256 ECDHE_RSA
17 14: 49195 ECDHE-ECDSA-AES128-GCM-SHA256 128 TLS1.2 Native AES-GCM SHA256 ECDHE_ECDSA
18 15: 49191 ECDHE-RSA-AES128-SHA256 128 TLS1.2 Native AES SHA256 ECDHE_RSA
19 16: 49187 ECDHE-ECDSA-AES128-SHA256 128 TLS1.2 Native AES SHA256 ECDHE_ECDSA
20 17: 162 DHE-DSS-AES128-GCM-SHA256 128 TLS1.2 Native AES-GCM SHA256 DHE/DSS
21 18: 158 DHE-RSA-AES128-GCM-SHA256 128 TLS1.2 Native AES-GCM SHA256 EDH/RSA
22 19: 103 DHE-RSA-AES128-SHA256 128 TLS1.2 Native AES SHA256 EDH/RSA
23 20: 64 DHE-DSS-AES128-SHA256 128 TLS1.2 Native AES SHA256 DHE/DSS
24 21: 166 ADH-AES128-GCM-SHA256 128 TLS1.2 Native AES-GCM SHA256 ADH
25 22: 49201 ECDH-RSA-AES128-GCM-SHA256 128 TLS1.2 Native AES-GCM SHA256 ECDH_RSA
26 23: 49197 ECDH-ECDSA-AES128-GCM-SHA256 128 TLS1.2 Native AES-GCM SHA256 ECDH_ECDSA
27 24: 49193 ECDH-RSA-AES128-SHA256 128 TLS1.2 Native AES SHA256 ECDH_RSA
28 25: 49189 ECDH-ECDSA-AES128-SHA256 128 TLS1.2 Native AES SHA256 ECDH_ECDSA
29 26: 156 AES128-GCM-SHA256 128 TLS1.2 Native AES-GCM SHA256 RSA
30 27: 60 AES128-SHA256 128 TLS1.2 Native AES SHA256 RSA
Ciphers Serveur :
1 shell> tmm --serverciphers 'DEFAULT'
2 ID SUITE BITS PROT METHOD CIPHER MAC KEYX
3 0: 61 AES256-SHA256 256 TLS1.2 Native AES SHA256 RSA
4 1: 53 AES256-SHA 256 TLS1 Native AES SHA RSA
5 2: 53 AES256-SHA 256 TLS1.1 Native AES SHA RSA
6 3: 53 AES256-SHA 256 TLS1.2 Native AES SHA RSA
7 4: 53 AES256-SHA 256 DTLS1 Native AES SHA RSA
8 6: 47 AES128-SHA 128 TLS1 Native AES SHA RSA
9 7: 47 AES128-SHA 128 TLS1.1 Native AES SHA RSA
10 8: 47 AES128-SHA 128 TLS1.2 Native AES SHA RSA
11 9: 47 AES128-SHA 128 DTLS1 Native AES SHA RSA
12 10: 10 DES-CBC3-SHA 192 TLS1 Native DES SHA RSA
13 11: 10 DES-CBC3-SHA 192 TLS1.1 Native DES SHA RSA
14 12: 10 DES-CBC3-SHA 192 TLS1.2 Native DES SHA RSA
15 13: 10 DES-CBC3-SHA 192 DTLS1 Native DES SHA RSA
16 14: 5 RC4-SHA 128 TLS1 Native RC4 SHA RSA
17 15: 5 RC4-SHA 128 TLS1.1 Native RC4 SHA RSA
18 16: 5 RC4-SHA 128 TLS1.2 Native RC4 SHA RSA
19 17: 49192 ECDHE-RSA-AES256-SHA384 256 TLS1.2 Native AES SHA384 ECDHE_RSA
20 18: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1 Native AES SHA ECDHE_RSA
21 19: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.1 Native AES SHA ECDHE_RSA
22 20: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.2 Native AES SHA ECDHE_RSA
23 21: 49191 ECDHE-RSA-AES128-SHA256 128 TLS1.2 Native AES SHA256 ECDHE_RSA
24 22: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1 Native AES SHA ECDHE_RSA
25 23: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1.1 Native AES SHA ECDHE_RSA
26 24: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1.2 Native AES SHA ECDHE_RSA
27 25: 49170 ECDHE-RSA-DES-CBC3-SHA 192 TLS1 Native DES SHA ECDHE_RSA
28 26: 49170 ECDHE-RSA-DES-CBC3-SHA 192 TLS1.1 Native DES SHA ECDHE_RSA
29 27: 49170 ECDHE-RSA-DES-CBC3-SHA 192 TLS1.2 Native DES SHA ECDHE_RSA