I have been working on getting a Mac client connected to my broker and workstations, and have found that this client specifically seems to be using very old openssl options. I have had to update my servers to get the SSH connections to work, and even had to do some patching to the broker-daemon to force it to use TLSv1 to support these clients. I don't have either of these issues with my Ubuntu client, so I am even running two broker daemons on different ports just so these clients can have weaker options.
Is there a newer client, for Mac, or can one be compiled with the exact same client code, just with update libraries for ssl? My edits thus far are as follows to support this version: x2go-server: add +diffie-hellman-group14-sha1 to sshd_config x2go-broker-daemon (whith https certs): Force TLSv1 to be supported, and update ciphers to allow security level 1 (needed for TLS1) + context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) + context.set_ciphers("DEFAULT:@SECLEVEL=1") + context.load_cert_chain(x2gobroker.defaults.X2GOBROKER_SSL_CERTFILE, x2gobroker.defaults.X2GOBROKER_KEYFILE) + http_server = tornado.httpserver.HTTPServer(application, ssl_options=context)
_______________________________________________ x2go-user mailing list x2go-user@lists.x2go.org https://lists.x2go.org/listinfo/x2go-user