{"id":719,"date":"2015-05-21T12:44:19","date_gmt":"2015-05-21T10:44:19","guid":{"rendered":"http:\/\/ndk.sytes.net\/wordpress\/?p=719"},"modified":"2015-05-21T12:44:19","modified_gmt":"2015-05-21T10:44:19","slug":"generating-a-unique-dh-diffie-hellman-group","status":"publish","type":"post","link":"https:\/\/ndk.sytes.net\/wordpress\/?p=719","title":{"rendered":"Generating a Unique DH (Diffie-Hellman) Group"},"content":{"rendered":"<p>\n\tDue to a recent D(iffie)H(ellman) attack possibility called LogJam on lower paramter lengths like 512 bit and maybe, in short future, 768 bit, here the command to create a real strong parameter of 4096 bit:\n<\/p>\n<pre>\nopenssl dhparam -out dhparams.pem 4096<\/pre>\n<p>\n\t&nbsp;\n<\/p>\n<p>\n\t<strong>Please be aware that this key creation can take up to 20 minutes and evern longer depending on your CPU.<\/strong>\n<\/p>\n<p>\n\tMost software (apache, postfix, sendmail, dovecot etc) have config parameters where you can set the Diffie-Hellman group file. The DH algorithm is used to create secure keys when using connections over SSL\/TLS.\n<\/p>\n<p>\n\tMore information about&nbsp;configuring different servers can be found <a href=\"https:\/\/weakdh.org\/sysadmin.html\" target=\"_blank\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Due to a recent D(iffie)H(ellman) attack possibility called LogJam on lower paramter lengths like 512 bit and maybe, in short future, 768 bit, here the command to create a real strong parameter of 4096 bit: openssl dhparam -out dhparams.pem 4096 &nbsp; Please be aware that this key creation can take up to 20 minutes and [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,7],"tags":[],"class_list":["post-719","post","type-post","status-publish","format-standard","hentry","category-linuxunix","category-servers"],"_links":{"self":[{"href":"https:\/\/ndk.sytes.net\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/719","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ndk.sytes.net\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ndk.sytes.net\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ndk.sytes.net\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ndk.sytes.net\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=719"}],"version-history":[{"count":0,"href":"https:\/\/ndk.sytes.net\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/719\/revisions"}],"wp:attachment":[{"href":"https:\/\/ndk.sytes.net\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=719"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ndk.sytes.net\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=719"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ndk.sytes.net\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=719"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}