Date: Tue, 30 Jul 2013 08:57:50 -0400 From: Garrett Wollman <wollman@bimajority.org> To: Mike Tancsa <mike@sentex.net> Cc: freebsd-security@freebsd.org, bdrewery@freebsd.org Subject: Re: fatal: cipher_init: EVP_CipherInit: set key failed for aes128-cbc [preauth] Message-ID: <20983.47182.194861.736615@hergotha.csail.mit.edu> In-Reply-To: <51F7B3AD.1060703@sentex.net> References: <20983.43801.355884.938326@hergotha.csail.mit.edu> <51F7B3AD.1060703@sentex.net>
next in thread | previous in thread | raw e-mail | index | archive | help
[Cc added, bdrewery@ who is the maintainer of security/openssh-portable] <<On Tue, 30 Jul 2013 08:38:05 -0400, Mike Tancsa <mike@sentex.net> said: > http://lists.freebsd.org/pipermail/svn-src-head/2013-May/047921.html > Change the default in /etc/ssh/sshd_config to No /etc/ssh here; this is ports openssh, not base (which doesn't exist in my world). > UsePrivilegeSeparation yes > as it sounds like you have hardware crypto on the box and you are using > UsePrivilegeSeparation sandbox > which is broken However, this fix does work (in /usr/local/etc/ssh/sshd_config). Apparently security/openssh-portable needs a fix similar to the base system head/crypto/openssh r251088. -GAWollman
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20983.47182.194861.736615>