Ciphers to avoid: DSS, MD5/RC4, SHA-1.
Ciphers to prefer: ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256

A pretty good source/guide: https://hynek.me/articles/hardening-your-web-servers-ssl-cip...

You'll need Apache 2.4+ [I think], or nginx. And possibly fresh certs to use DHE/EC.

A quick rundown of a fairly secure setup:

Cipher priority list:
ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:!RSA+3DES:!aNULL:!MD5:!DSS:!SHA:AEAD
==========================================================
Generate the cert and private key:
openssl req -x509 -sha256 -nodes -days 3650 -newkey rsa:4096 -keyout serverkey.pem -out servercert.pem
==========================================================
Generate the DH parameters:
openssl dhparam -out dh2048.pem -outform PEM -2 2048
==========================================================
How to list elliptic curves:
openssl ecparam -list_curves
===========================================================
Note: Generating DH parameters is gonna take a while. If you are implementing this on a slowish machine like a Raspberry Pi, you might want to use a faster machine to do the DH step, then copy the key file over.
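As an added example (not part of the comment above), the Python script below checks what a cipher string like the ones listed actually turns into before it goes into a server config. Python's ssl module hands the string to the same OpenSSL resolver that `openssl ciphers -v '<string>'` uses, so `resolve_ciphers()` returns the ordered suite list the linked OpenSSL enables, and `find_violations()` flags any suite that still uses a component the comment says to avoid (DSS, MD5, RC4, SHA-1). It goes slightly beyond the comment by also flagging anonymous and 3DES suites. The name-matching rules in FORBIDDEN are constructed heuristics over OpenSSL suite names, not an OpenSSL API; the cipher strings are copied from the comment.

```python
import ssl

# The full priority list from the comment above, copied verbatim.
HARDENED_CIPHERS = (
    "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:"
    "!ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:!RSA+3DES:!aNULL:!MD5:!DSS:!SHA:AEAD"
)

# Name-based checks for components to avoid. Constructed heuristics for this
# example, not an OpenSSL API: an HMAC-SHA1 suite name ends in "-SHA",
# anonymous suites start with "ADH-"/"AECDH-", 3DES shows up as "3DES" or
# "DES-CBC3". Insertion order is preserved, so violations come out in this order.
FORBIDDEN = {
    "MD5": lambda n: "MD5" in n,
    "RC4": lambda n: "RC4" in n,
    "DSS": lambda n: "DSS" in n,
    "3DES": lambda n: "3DES" in n or "DES-CBC3" in n,
    "SHA-1 MAC": lambda n: n.endswith("-SHA"),
    "anonymous": lambda n: n.startswith(("ADH-", "AECDH-")),
}


def resolve_ciphers(cipher_string):
    """Expand an OpenSSL cipher string into the ordered list of suite names
    the linked OpenSSL actually enables (same resolution as `openssl ciphers`).

    Raises ssl.SSLError if nothing matches, e.g. a string naming only suites
    this build no longer ships (RC4 on OpenSSL 3 without the legacy provider).
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(cipher_string)
    # get_ciphers() also lists the fixed TLS 1.3 suites, which a cipher string
    # does not control; they are all AEAD and pass every check above.
    return [c["name"] for c in ctx.get_ciphers()]


def find_violations(names):
    """Return (suite name, reason) pairs for suites using a component to avoid."""
    return [(n, reason) for n in names for reason, bad in FORBIDDEN.items() if bad(n)]


def audit_cipher_string(cipher_string):
    """Resolve a cipher string and report the suites it enables plus any violations."""
    names = resolve_ciphers(cipher_string)
    return names, find_violations(names)


if __name__ == "__main__":
    for label, spec in [
        ("prefer (short)", "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256"),
        ("hardened (full)", HARDENED_CIPHERS),
    ]:
        names, violations = audit_cipher_string(spec)
        print(f"{label}: {len(names)} suites enabled, first = {names[0]}")
        for name, reason in violations:
            print(f"  avoid {name}: {reason}")
```

Running it side by side shows why the full list matters: on a typical OpenSSL build the short "prefer" string still admits HMAC-SHA1 suites such as ECDHE-RSA-AES256-SHA (the `ECDH+AES256` group includes them), while the full list's `!SHA` and `!aNULL:!MD5:!DSS` terms remove every flagged suite, so the audit comes back empty.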