Enabling SSLv2 for Ubuntu 11.10 & 12.04

Happy New Year!

Its been bugging me for a while now that Ubuntu have removed the support for SSLv2 in Openssl as standard.

If you are unsure whether your openssl has support for SSLv2 try running a simple sslscan on your own Apache server like this below:

Once you are sure your openssl is not compiled to support SSLv2 then follow these instructions. How to recompile Openssl to include SSLv2:

$ sudo apt-get install build-essential devscripts
$ sudo apt-get build-dep openssl
$ apt-get source openssl
$ cd openssl-*
$ quilt pop -a                                       # This removes updates
$ vi debian/patches/series                # Remove ‘no-ssl2.patch’
$ vi debian/rules                                # Remove ‘no-ssl2’ in args
$ quilt push -a                                     # Re-applies the updates
$ dch -n ‘Allow dangerous v2 protocol’
$ dpkg-source –commit
$ debuild -uc -us
$ ls ../*ssl*.deb
$ sudo dpkg -i *ssl*.deb

Then re-compile your sslscan application and retry. Hopefully you should now have sslscan fully installed with SSLv2 support.



Leave a comment

Your email address will not be published. Required fields are marked *