Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-22 16:39:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

completed 1st paragraph, experimented with formatting for ronn(1)

Dirk Wetter 2017-06-17 16:09:16 +02:00
parent 0487882077
commit 1feccafe3e
1 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
Man-page.md

@ -8,20 +8,22 @@ testssl.sh [OPTIONS]... [FILE|URI]...
### DESCRIPTION ### DESCRIPTION
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and much more. testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as cryptographic flaws and much more.
Options are either short or long options. All options requiring a value can be called with or without '=' e.g. ``testssl.sh -t=smtp --wide --openssl=/usr/bin/openssl <URI>`` is equivalent to ``testssl.sh --starttls smtp --wide --openssl /usr/bin/openssl <URI>``. Some options can also be preset via ENV variables. ``WIDE=true OPENSSL=/usr/bin/openssl testssl.sh --starttls smtp <URI>`` would be the equivalent to the aforementioned examples. Preference has the command line over ENV. Options are either short or long options. All options requiring a value can be called with or without '=' e.g. ``testssl.sh -t=smtp --wide --openssl=/usr/bin/openssl <URI>`` is equivalent to ``testssl.sh --starttls smtp --wide --openssl /usr/bin/openssl <URI>``. Some options can also be preset via ENV variables. ``WIDE=true OPENSSL=/usr/bin/openssl testssl.sh --starttls smtp <URI>`` would be the equivalent to the aforementioned examples. Preference has the command line over ENV.
\<URI\> or \<FILE\> needs always to be the last parameter. \<URI\> or \<FILE\> needs always to be the last parameter.
##### BANNER OPTIONS ##### BANNER OPTIONS
``-h, --help`` command line help
``-b, --banner`` displays testssl.sh banner, including license, usage conditions, version of testssl.sh, detected openssl version, its path to it, # of ciphers of openssl, its build date and the architecture
``-v, --version`` same as before
``-V, --local <pattern>``
``-V, --local`` pretty print all local ciphers supported by openssl version. If a pattern is supplied it performs a match (ignore case) on any of the pattern supplied in the wide output, see below. The pattern will be search in the any of the columns: hexcode, cipher suite name (OpenSSL or RFC), key exchange, encryption, bits. It does a word pattern match for non-numbers. Numbers here are currently defined as [0-9,A-F]. This means that the pattern CBC is matched as non-word, but AES as word.
-h, --help what you're looking at
-b, --banner displays banner + version of testssl.sh
-v, --version same as previous
-V, --local pretty print all local ciphers
-V, --local <pattern> which local ciphers with <pattern> are available?
(if pattern not a number: word match)
##### INPUT PARAMETERS ##### INPUT PARAMETERS
URI {host,ip,URL}:<port> (port 443 is assumed unless otherwise specified) URI {host,ip,URL}:<port> (port 443 is assumed unless otherwise specified)