How do I access the Ciphers from the Command Line using SSH?

I've messed up. Entered an incorrect string into the Web Services Configuration under ciphers and now the cPanel will not connect saying invalid connection. How do I get into the cipher section of the Web Services Configuration using SSH and command line please? This is the silliest thing I think I've ever done on a CentOS 6.x server - it's a live server so my clients are now not able to see their websites.

I tried to move the sites on the server to another server using the Transfer tool but that fails too, saying SSL connect attempt failed - unsupported protocol.

I can ssh into the server so I'm hoping that I can resolve the issue by using SSH from the command line.

Any urgent responses greatly appreciated.
LVL 1
Chris KenwardDirectorAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Chris KenwardDirectorAuthor Commented:
Hi Foks

I know no-one has seen this yet but in an attempt to get this resolved, I'm looking at cPanel documentation. I see there is a command that looks like this:

/usr/local/cpanel/bin/set-tls-settings

I am entering the following:

/usr/local/cpanel/bin/set-tls-settings --verbose --cipher-suites=ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256 --protocols=SSLv2:SSLv3:TLSv1:TLSv1.2 --restart

...but it's not working. I'm obviously missing something. Will keep digging in the hope I can resolve but anyone wanting to respond please do so - I'd be grateful.

Cheers
Chris
0
Chris KenwardDirectorAuthor Commented:
AHA - Got it - The correct string is:

/usr/local/cpanel/bin/set-tls-settings --verbose --cipher-suites=ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256 --protocols=SSLv2:SSLv3:TLSv1:TLSv1.2 -all --restart

Server working fine. I'll close the question.
0
Chris KenwardDirectorAuthor Commented:
AHA - Got it - The correct string is:

/usr/local/cpanel/bin/set-tls-settings --verbose --cipher-suites=ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256 --protocols=SSLv2:SSLv3:TLSv1:TLSv1.2 -all --restart
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
tls/ssl

From novice to tech pro — start learning today.