sslwrap/gnutls: DH_PRIME_UNACCEPTABLE

To: debian-user@lists.debian.org
Subject: sslwrap/gnutls: DH_PRIME_UNACCEPTABLE
From: David Fokkema <dfokkema@ileos.nl>
Date: Wed, 7 May 2003 21:46:39 +0200
Message-id: <[🔎] 20030507194639.GA10125@sirius.ileos.home>
Mail-followup-to: dfokkema@murphy.debian.org, debian-user@lists.debian.org

Hi group,

I have the following problem: my server's running stable with uw-imapd.
It supports TLS, but apparently, that's a bit buggy (so gnutls-cli-debug
tells me).

I installed sslwrap (thanks nate!) to cope with this. Rather than
backporting uw-imapd from testing, I can use everything from stable. The
problem is that mutt returns DH_PRIME_UNACCEPTABLE. I ran
gnutls-cli-debug and it tells me that sslwrap does not properly support
ephemeral Diffie Hellmann. I googled, and I figured out that sslwrap by
default uses a DH prime of 512 bits and gnutls rejects primes shorter
than 768 bits, :-(

So, anybody out there who can help me with this? Preferably, I want to
tell sslwrap to use 768 bits. Alternatively, I could tell gnutls to use
512 bits. I don't know how to do either, :-(

TIA,
David

Reply to:

Prev by Date: SSH key authentication
Next by Date: Re: Text mode boot
Previous by thread: Re: SSH key authentication
Next by thread: HELP - routing...
Index(es):
- Date
- Thread