[pve-devel] [PATCH qemu-server] change TLS cipher suite to HIGH
Fabian Grünbichler
f.gruenbichler at proxmox.com
Wed Jan 11 15:51:42 CET 2017
Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
---
PVE/QemuServer.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index bc26da2..18531e6 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -3156,7 +3156,7 @@ sub config_to_command {
my $pfamily = PVE::Tools::get_host_address_family($nodename);
$spice_port = PVE::Tools::next_spice_port($pfamily);
- push @$devices, '-spice', "tls-port=${spice_port},addr=localhost,tls-ciphers=DES-CBC3-SHA,seamless-migration=on";
+ push @$devices, '-spice', "tls-port=${spice_port},addr=localhost,tls-ciphers=HIGH,seamless-migration=on";
push @$devices, '-device', "virtio-serial,id=spice$pciaddr";
push @$devices, '-chardev', "spicevmc,id=vdagent,name=vdagent";
--
2.1.4
More information about the pve-devel
mailing list