Table of Contents
ThinLinc uses priority strings to allow the administrator to select their own preferred availability and order of algorithms used by GnuTLS for services that uses tlstunnel. The priority string is a colon-delimited list of strings being either keywords (groups of algorithms) or algorithms which can be individually enabled or disabled.
For more information, see the GnuTLS documentation about priority strings.
ThinLinc comes configured with the priority string "NORMAL:-VERS-SSL3.0", which means the standard, secure GnuTLS algorithms with the exception of SSL 3.0. This is the order and availability of algorithms for that priority string.
TLS_ECDHE_ECDSA_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_CAMELLIA_256_GCM_SHA384 TLS_ECDHE_ECDSA_CHACHA20_POLY1305 TLS_ECDHE_ECDSA_AES_256_CCM TLS_ECDHE_ECDSA_AES_256_CBC_SHA1 TLS_ECDHE_ECDSA_AES_256_CBC_SHA384 TLS_ECDHE_ECDSA_CAMELLIA_256_CBC_SHA384 TLS_ECDHE_ECDSA_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_CAMELLIA_128_GCM_SHA256 TLS_ECDHE_ECDSA_AES_128_CCM TLS_ECDHE_ECDSA_AES_128_CBC_SHA1 TLS_ECDHE_ECDSA_AES_128_CBC_SHA256 TLS_ECDHE_ECDSA_CAMELLIA_128_CBC_SHA256 TLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1 TLS_ECDHE_RSA_AES_256_GCM_SHA384 TLS_ECDHE_RSA_CAMELLIA_256_GCM_SHA384 TLS_ECDHE_RSA_CHACHA20_POLY1305 TLS_ECDHE_RSA_AES_256_CBC_SHA1 TLS_ECDHE_RSA_AES_256_CBC_SHA384 TLS_ECDHE_RSA_CAMELLIA_256_CBC_SHA384 TLS_ECDHE_RSA_AES_128_GCM_SHA256 TLS_ECDHE_RSA_CAMELLIA_128_GCM_SHA256 TLS_ECDHE_RSA_AES_128_CBC_SHA1 TLS_ECDHE_RSA_AES_128_CBC_SHA256 TLS_ECDHE_RSA_CAMELLIA_128_CBC_SHA256 TLS_ECDHE_RSA_3DES_EDE_CBC_SHA1 TLS_RSA_AES_256_GCM_SHA384 TLS_RSA_CAMELLIA_256_GCM_SHA384 TLS_RSA_AES_256_CCM TLS_RSA_AES_256_CBC_SHA1 TLS_RSA_AES_256_CBC_SHA256 TLS_RSA_CAMELLIA_256_CBC_SHA1 TLS_RSA_CAMELLIA_256_CBC_SHA256 TLS_RSA_AES_128_GCM_SHA256 TLS_RSA_CAMELLIA_128_GCM_SHA256 TLS_RSA_AES_128_CCM TLS_RSA_AES_128_CBC_SHA1 TLS_RSA_AES_128_CBC_SHA256 TLS_RSA_CAMELLIA_128_CBC_SHA1 TLS_RSA_CAMELLIA_128_CBC_SHA256 TLS_RSA_3DES_EDE_CBC_SHA1 TLS_DHE_RSA_AES_256_GCM_SHA384 TLS_DHE_RSA_CAMELLIA_256_GCM_SHA384 TLS_DHE_RSA_CHACHA20_POLY1305 TLS_DHE_RSA_AES_256_CCM TLS_DHE_RSA_AES_256_CBC_SHA1 TLS_DHE_RSA_AES_256_CBC_SHA256 TLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 TLS_DHE_RSA_CAMELLIA_256_CBC_SHA256 TLS_DHE_RSA_AES_128_GCM_SHA256 TLS_DHE_RSA_CAMELLIA_128_GCM_SHA256 TLS_DHE_RSA_AES_128_CCM TLS_DHE_RSA_AES_128_CBC_SHA1 TLS_DHE_RSA_AES_128_CBC_SHA256 TLS_DHE_RSA_CAMELLIA_128_CBC_SHA1 TLS_DHE_RSA_CAMELLIA_128_CBC_SHA256 TLS_DHE_RSA_3DES_EDE_CBC_SHA1
CURVE-SECP256R1 CURVE-SECP384R1 CURVE-SECP521R1 CURVE-SECP224R1 CURVE-SECP192R1