F5 - Commande pour voir les ciphers client ou serveur par défaut
Alasta 13 Juillet 2015 f5 cli network F5
Description : Nous allons voir comment afficher les ciphers client et serveur.
Ciphers Client :
shell> tmm --clientciphers 'DEFAULT'
ID SUITE BITS PROT METHOD CIPHER MAC KEYX
0: 61 AES256-SHA256 256 TLS1.2 Native AES SHA256 RSA
1: 53 AES256-SHA 256 TLS1 Native AES SHA RSA
2: 53 AES256-SHA 256 TLS1.1 Native AES SHA RSA
3: 53 AES256-SHA 256 TLS1.2 Native AES SHA RSA
4: 53 AES256-SHA 256 DTLS1 Native AES SHA RSA
6: 47 AES128-SHA 128 TLS1 Native AES SHA RSA
7: 47 AES128-SHA 128 TLS1.1 Native AES SHA RSA
8: 47 AES128-SHA 128 TLS1.2 Native AES SHA RSA
9: 47 AES128-SHA 128 DTLS1 Native AES SHA RSA
10: 10 DES-CBC3-SHA 192 TLS1 Native DES SHA RSA
11: 10 DES-CBC3-SHA 192 TLS1.1 Native DES SHA RSA
12: 10 DES-CBC3-SHA 192 TLS1.2 Native DES SHA RSA
13: 10 DES-CBC3-SHA 192 DTLS1 Native DES SHA RSA
14: 5 RC4-SHA 128 TLS1 Native RC4 SHA RSA
15: 5 RC4-SHA 128 TLS1.1 Native RC4 SHA RSA
16: 5 RC4-SHA 128 TLS1.2 Native RC4 SHA RSA
17: 49192 ECDHE-RSA-AES256-SHA384 256 TLS1.2 Native AES SHA384 ECDHE_RSA
18: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1 Native AES SHA ECDHE_RSA
19: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.1 Native AES SHA ECDHE_RSA
20: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.2 Native AES SHA ECDHE_RSA
21: 49191 ECDHE-RSA-AES128-SHA256 128 TLS1.2 Native AES SHA256 ECDHE_RSA
22: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1 Native AES SHA ECDHE_RSA
23: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1.1 Native AES SHA ECDHE_RSA
24: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1.2 Native AES SHA ECDHE_RSA
25: 49170 ECDHE-RSA-DES-CBC3-SHA 192 TLS1 Native DES SHA ECDHE_RSA
26: 49170 ECDHE-RSA-DES-CBC3-SHA 192 TLS1.1 Native DES SHA ECDHE_RSA
27: 49170 ECDHE-RSA-DES-CBC3-SHA 192 TLS1.2 Native DES SHA ECDHE_RSAMAJ du 2016-11-18 :
Spécifier une liste exhaustive :
shell> tmm --clientciphers 'TLSv1_2:!SHA:!RC4-MD5:!DHE-RSA-AES256-GCM-SHA384:!DHE-RSA-AES256-SHA256'
ID SUITE BITS PROT METHOD CIPHER MAC KEYX
0: 49200 ECDHE-RSA-AES256-GCM-SHA384 256 TLS1.2 Native AES-GCM SHA384 ECDHE_RSA
1: 49196 ECDHE-ECDSA-AES256-GCM-SHA384 256 TLS1.2 Native AES-GCM SHA384 ECDHE_ECDSA
2: 49192 ECDHE-RSA-AES256-SHA384 256 TLS1.2 Native AES SHA384 ECDHE_RSA
3: 49188 ECDHE-ECDSA-AES256-SHA384 256 TLS1.2 Native AES SHA384 ECDHE_ECDSA
4: 163 DHE-DSS-AES256-GCM-SHA384 256 TLS1.2 Native AES-GCM SHA384 DHE/DSS
5: 106 DHE-DSS-AES256-SHA256 256 TLS1.2 Native AES SHA256 DHE/DSS
6: 167 ADH-AES256-GCM-SHA384 256 TLS1.2 Native AES-GCM SHA384 ADH
7: 49202 ECDH-RSA-AES256-GCM-SHA384 256 TLS1.2 Native AES-GCM SHA384 ECDH_RSA
8: 49198 ECDH-ECDSA-AES256-GCM-SHA384 256 TLS1.2 Native AES-GCM SHA384 ECDH_ECDSA
9: 49194 ECDH-RSA-AES256-SHA384 256 TLS1.2 Native AES SHA384 ECDH_RSA
10: 49190 ECDH-ECDSA-AES256-SHA384 256 TLS1.2 Native AES SHA384 ECDH_ECDSA
11: 157 AES256-GCM-SHA384 256 TLS1.2 Native AES-GCM SHA384 RSA
12: 61 AES256-SHA256 256 TLS1.2 Native AES SHA256 RSA
13: 49199 ECDHE-RSA-AES128-GCM-SHA256 128 TLS1.2 Native AES-GCM SHA256 ECDHE_RSA
14: 49195 ECDHE-ECDSA-AES128-GCM-SHA256 128 TLS1.2 Native AES-GCM SHA256 ECDHE_ECDSA
15: 49191 ECDHE-RSA-AES128-SHA256 128 TLS1.2 Native AES SHA256 ECDHE_RSA
16: 49187 ECDHE-ECDSA-AES128-SHA256 128 TLS1.2 Native AES SHA256 ECDHE_ECDSA
17: 162 DHE-DSS-AES128-GCM-SHA256 128 TLS1.2 Native AES-GCM SHA256 DHE/DSS
18: 158 DHE-RSA-AES128-GCM-SHA256 128 TLS1.2 Native AES-GCM SHA256 EDH/RSA
19: 103 DHE-RSA-AES128-SHA256 128 TLS1.2 Native AES SHA256 EDH/RSA
20: 64 DHE-DSS-AES128-SHA256 128 TLS1.2 Native AES SHA256 DHE/DSS
21: 166 ADH-AES128-GCM-SHA256 128 TLS1.2 Native AES-GCM SHA256 ADH
22: 49201 ECDH-RSA-AES128-GCM-SHA256 128 TLS1.2 Native AES-GCM SHA256 ECDH_RSA
23: 49197 ECDH-ECDSA-AES128-GCM-SHA256 128 TLS1.2 Native AES-GCM SHA256 ECDH_ECDSA
24: 49193 ECDH-RSA-AES128-SHA256 128 TLS1.2 Native AES SHA256 ECDH_RSA
25: 49189 ECDH-ECDSA-AES128-SHA256 128 TLS1.2 Native AES SHA256 ECDH_ECDSA
26: 156 AES128-GCM-SHA256 128 TLS1.2 Native AES-GCM SHA256 RSA
27: 60 AES128-SHA256 128 TLS1.2 Native AES SHA256 RSACiphers Serveur :
shell> tmm --serverciphers 'DEFAULT'
ID SUITE BITS PROT METHOD CIPHER MAC KEYX
0: 61 AES256-SHA256 256 TLS1.2 Native AES SHA256 RSA
1: 53 AES256-SHA 256 TLS1 Native AES SHA RSA
2: 53 AES256-SHA 256 TLS1.1 Native AES SHA RSA
3: 53 AES256-SHA 256 TLS1.2 Native AES SHA RSA
4: 53 AES256-SHA 256 DTLS1 Native AES SHA RSA
6: 47 AES128-SHA 128 TLS1 Native AES SHA RSA
7: 47 AES128-SHA 128 TLS1.1 Native AES SHA RSA
8: 47 AES128-SHA 128 TLS1.2 Native AES SHA RSA
9: 47 AES128-SHA 128 DTLS1 Native AES SHA RSA
10: 10 DES-CBC3-SHA 192 TLS1 Native DES SHA RSA
11: 10 DES-CBC3-SHA 192 TLS1.1 Native DES SHA RSA
12: 10 DES-CBC3-SHA 192 TLS1.2 Native DES SHA RSA
13: 10 DES-CBC3-SHA 192 DTLS1 Native DES SHA RSA
14: 5 RC4-SHA 128 TLS1 Native RC4 SHA RSA
15: 5 RC4-SHA 128 TLS1.1 Native RC4 SHA RSA
16: 5 RC4-SHA 128 TLS1.2 Native RC4 SHA RSA
17: 49192 ECDHE-RSA-AES256-SHA384 256 TLS1.2 Native AES SHA384 ECDHE_RSA
18: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1 Native AES SHA ECDHE_RSA
19: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.1 Native AES SHA ECDHE_RSA
20: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.2 Native AES SHA ECDHE_RSA
21: 49191 ECDHE-RSA-AES128-SHA256 128 TLS1.2 Native AES SHA256 ECDHE_RSA
22: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1 Native AES SHA ECDHE_RSA
23: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1.1 Native AES SHA ECDHE_RSA
24: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1.2 Native AES SHA ECDHE_RSA
25: 49170 ECDHE-RSA-DES-CBC3-SHA 192 TLS1 Native DES SHA ECDHE_RSA
26: 49170 ECDHE-RSA-DES-CBC3-SHA 192 TLS1.1 Native DES SHA ECDHE_RSA
27: 49170 ECDHE-RSA-DES-CBC3-SHA 192 TLS1.2 Native DES SHA ECDHE_RSA