Date: Mon, 3 Jun 2013 10:04:40 +0200 From: Victor Balada Diaz <victor@bsdes.net> To: freebsd-security@freebsd.org Subject: Re: OpenSSH ignores /etc/ssl/openssl.cnf Message-ID: <20130603080440.GM74846@equilibrium.bsdes.net> In-Reply-To: <20130603071608.GL74846@equilibrium.bsdes.net> References: <20130603071608.GL74846@equilibrium.bsdes.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jun 03, 2013 at 09:16:08AM +0200, Victor Balada Diaz wrote:
> Hello,
>
> While trying to configure padlock(4) engine as default engine for my system
> i've noticed that OpenSSH ignores openssl.cnf. Ie:
>
> $ truss openssl speed aes-128-cbc 2>&1 |grep -i openssl.cnf
> open("/etc/ssl/openssl.cnf",O_RDONLY,0666) = 3 (0x3)
>
> $ truss scp -c aes128-cbc localhost:/tmp/foo /tmp/bar 2>&1 |grep -i openssl
> $
>
> How should i configure it without using openssl.cnf?
>
> FreeBSD version: 9.0 and 9.1, i386 and amd64, with base openssl and openssh.
>
> Regards.
> Victor.
Found the problem:
https://bugzilla.mindrot.org/show_bug.cgi?id=1882
It's been fixed on HEAD and 9-STABLE. Is there any chance to get an errata update
for 9.1-RELEASE?
If not, i think it should be documented on the late breaking news of the errata
web page.
Thanks a lot.
Regards.
Victor.
--
La prueba más fehaciente de que existe vida inteligente en otros
planetas, es que no han intentado contactar con nosotros.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130603080440.GM74846>