diff options
author | Andreas Schneider <asn@samba.org> | 2020-11-27 11:22:15 +0100 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2020-11-27 13:48:19 +0000 |
commit | 5c27740aeff273bcd5f027d36874e56170234146 (patch) | |
tree | 8d4ddccfe7eca6dc8bbeef6098ae4d41868b9e57 /docs-xml | |
parent | 4142bde7e524e9d5a491b2ff1afa4990e2c89a10 (diff) | |
download | samba-5c27740aeff273bcd5f027d36874e56170234146.tar.gz |
docs-xml: Add a section about weak crypto in testparm manpage
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14583
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Nov 27 13:48:20 UTC 2020 on sn-devel-184
Diffstat (limited to 'docs-xml')
-rw-r--r-- | docs-xml/manpages/testparm.1.xml | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/docs-xml/manpages/testparm.1.xml b/docs-xml/manpages/testparm.1.xml index 9099cda010f..7c7abf50e8b 100644 --- a/docs-xml/manpages/testparm.1.xml +++ b/docs-xml/manpages/testparm.1.xml @@ -171,6 +171,15 @@ errors and warnings if the file did not load. If the file was loaded OK, the program then dumps all known service details to stdout. </para> + + <para>For certain use cases, SMB protocol requires use of + cryptographic algorithms which are known to be weak and already + broken. DES and ARCFOUR (RC4) ciphers and the SHA1 and MD5 hash + algorithms are considered weak but they are required for backward + compatibility. The testparm utility shows whether the Samba tools + will fall back to these weak crypto algorithms if it is not possible + to use strong cryptography by default. + In FIPS mode weak crypto cannot be enabled.</para> </refsect1> |