Commit 5c27740a authored by Andreas Schneider's avatar Andreas Schneider Committed by Andreas Schneider

docs-xml: Add a section about weak crypto in testparm manpage

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14583Signed-off-by: Andreas Schneider's avatarAndreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy's avatarAlexander Bokovoy <ab@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Nov 27 13:48:20 UTC 2020 on sn-devel-184
parent 4142bde7
......@@ -171,6 +171,15 @@
errors and warnings if the file did not load. If the file was
loaded OK, the program then dumps all known service details
to stdout. </para>
<para>For certain use cases, SMB protocol requires use of
cryptographic algorithms which are known to be weak and already
broken. DES and ARCFOUR (RC4) ciphers and the SHA1 and MD5 hash
algorithms are considered weak but they are required for backward
compatibility. The testparm utility shows whether the Samba tools
will fall back to these weak crypto algorithms if it is not possible
to use strong cryptography by default.
In FIPS mode weak crypto cannot be enabled.</para>
</refsect1>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment