New cgminer-khc version 3.7.8 availableChanges/enhancements:
- Updated DLLs to the latest available versions.
- Added the "--secure" option to enhance security(*).
Download from here:
https://github.com/kryptohash/cgminer-khc/releases(*)The Secure mode allows cgminer-khc to use HTTPS protocol for RPC calls but, unlike other miner software, cgminer-khc connects only to Wallets and Pools that present a "trusted" SSL Certificate.
Why is this important? Because not checking for trusted SSL Certificates opens the door to Man-In-The-Middle attacks, where an adversary (a.k.a. Hacker) could steal your credentials and even your coins.
How to enable Secure mode for Solo mining:Note: This should only be used if cgminer-khc runs on a different computer than the Wallet.
1. Download OpenSSL for Windows (
https://www.openssl.org/related/binaries.html )
2. Use openSSL command lines below to create a Self-Signed SSL Certificate for the Computer running the Wallet.
openssl genrsa -out server.pem 2048
openssl req -new -x509 -nodes -sha256 -days 3650 -key server.pem > server.cert
Note: When asked to provide the Common Name, you could type the IP address of the computer running the Wallet, if your IP address is static. If your IP address is not static, specify the Computer Host name instead.
3. Copy the server.pem and server.cert to your kryptohash/region0 folder
4. Edit the kryptohash.conf file and add/uncomment these lines:
server=1
rpcport=38912
rpcuser=<YourSecretUser>
rpcpassword=<YourSecretPassword>
5. Enable SSL/TLS in the Wallet
rpcssl=1
rpcsslciphers=TLSv1.2+HIGH:!SSLv2:!aNULL:!eNULL:!AH:!3DES:@STRENGTH
rpcsslcertificatechainfile=server.cert
rpcsslprivatekeyfile=server.pem
6. Specify the IP address of the Computer where cgminer-khc will connect from.
rpcallowip=192.168.1.1
7. Ensure the line below is commented out:
#rpcconnect=127.0.0.1
8. Copy the server.cert file to the computer where cgminer-khc will run. Place the cert file inside the cgminer-khc-3.7.8 folder
9. Rename the server.cert file to cacert.pem or, append the content of server.cert at the end of the existing cacert.pem file.
10. Execute cgminer-khc using:
cgminer --kryptohash --secure -o https://<Your-Wallet-HostName>:38912 -u <YourSecretUser> -p <YourSecretPassword> --shaders 2048 --shaders-mul 8
How to enable Secure mode for Pools.1. Ensure your Pool supports HTTPS for RPC calls.
2. Download the latest cacert.pem file available at the CURL website (
http://curl.haxx.se/docs/caextract.html ) and place the file inside the cgminer-khc-3.7.8 folder.
3. If your Pool doesn't have a SSL Certificate signed by a public CA, ask the Pool to provide you with a Self-Signed SSL Certificate in PEM format.
4. Edit the cacert.pem file and append the Self-Signed SSL Certificate provided by your the Pool at the end of cacert.pem.
5. Execute cgminer-khc using
cgminer --kryptohash --secure -o https://<Your-Pool-HostName>:<SSL port> -u <YourSecretUser> -p <YourSecretPassword> --shaders 2048 --shaders-mul 8