Re: Regenerating DHparams

I picked this up from documentation somewhere:- /etc/cron.daily/postfix_pfs_edh_regenerate #!/bin/bash cd /etc/postfix umask 022 for legth in 512 1024 2048 do openssl dhparam -out dh_$legth.tmp $legth && mv dh_$legth.tmp dh_$legth.pem chmod 644 dh_$legth.pem done -- Regards =dn

Re: Regenerating DHparams

Viktor Dukhovni: It is easy to set up a cron job that runs every 30 days, Hello, that's the first time I personally note a specific time windows. Thanks for sharing your position. I also regenerate dhparameter on monthly base, not every month but approximately every half year... if [ "$

Re: Regenerating DHparams

> > On Nov 7, 2018, at 1:39 PM, Postfix User wrote: > > Is there any recommended schedule for regenerating DHparams for Postfix? I > could not find anything specific about it. Since the parameters are not secret (in fact sent to the client with every full handshake), there's no risk of comprom