Site Navigation

Date:      Wed, 17 Mar 2021 16:10:28 +0000
From:      tech-lists <tech-lists@zyxst.net>
To:        freebsd-current@freebsd.org
Subject:   Re: Getting started with ktls
Message-ID:  <YFIp9KEVlSFgQyYp@ceres.zyxst.net>
In-Reply-To: <YQXPR0101MB096806853D2F666D892B983BDD6B9@YQXPR0101MB0968.CANPRD01.PROD.OUTLOOK.COM>
References:  <20210311003136.GM56617@kduck.mit.edu> <CAOtMX2iKtBAQWRzY1K9twAFrtdH=S559J6Zd%2Bm5D-YHHPVYf7g@mail.gmail.com> <20210311031501.GP56617@kduck.mit.edu> <CAOtMX2hApCJuTe8OqEJmjrj9vffLB%2BM%2Bc5qR=iPrhRnbeZf=jQ@mail.gmail.com> <YQXPR0101MB096899D3D2241D0D6D830227DD909@YQXPR0101MB0968.CANPRD01.PROD.OUTLOOK.COM> <YE4kM3euujJw9saZ@ceres.zyxst.net> <CAOtMX2gNMw2%2BYcKT9cY35SqASmnvMMH9GDK66VjQvhA85Rj_kQ@mail.gmail.com> <YQXPR0101MB0968DA8912890879ECB7C35BDD6D9@YQXPR0101MB0968.CANPRD01.PROD.OUTLOOK.COM> <YFDwrtagYb8xllVp@ceres.zyxst.net> <YQXPR0101MB096806853D2F666D892B983BDD6B9@YQXPR0101MB0968.CANPRD01.PROD.OUTLOOK.COM>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

--AP4yLcuEhuAVPnmd
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Mar 16, 2021 at 11:46:27PM +0000, Rick Macklem wrote:

>Well, if you do "sysctl -a | fgrep kern.ipc.tls.stats" and it is working,
>you should see the count for at least one of the "crypts" ticking up.
>If they are all zero, it isn't working. That might depend on the apps
>or setup and does not necessarily indicate broken.

OK. it's "not working" by those criteria on the stable/13 rpi4.=20
This one has mutt (imaps) and lynx (https) installed. mutt appears to
use tlsv1.3 to connect with my email provider.=20

>Trying the nfs-over-tls should definitely test it. When it works, the
>data on the wire after the first couple of Null RPCs is encrypted.
>Also, if you start the daemons with "-v",=20

This is what i'll try once buildworld etc completes on the main/14 rpi4.
--=20
J.

--AP4yLcuEhuAVPnmd
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEE8n3tWhxW11Ccvv9/s8o7QhFzNAUFAmBSKfQACgkQs8o7QhFz
NAXZ+A/+NnjhAPn2TMXLTDnkdGw9UyR+leSmCtNFzraqCq37JBxNZ4yKAwNULZ31
2+mjZSVy2w5j2r5Nwui2NbDQolfvG/WTiEVX8JPMjuLcG3trHai/QONu/uKwK44h
BiON3DTy21AEUrCJ+xyM80YlYW4IpO1oOdtMgvvpyvnxMqxrPPvzWQaXQ0VQDtdR
pFNsW5pDjq12W50gABtmPVm/75CDIbZuw8isM04oBTvVadxnjWsQmJDkHJnLz5C9
n/8QXnwY72c/V9QUQGtj+IIlQSDK3pn7oB+tNBhR4M2NaIBxj7FCKrq17IN+w49w
JXwZsqtQSJres1LrLImo+oan8YCijR/LVR2n2gFqPKWqFXvfHxJtBvHIQxRdZS6K
Hd8okBCfoC+dlokaHYbeaRxjAm4jbikic6iyEoV5U+aDVtTeG37pJiJ2vtdaDDm5
sIw0sWjL6G5fo7N2FOqnhnhwV/KyhwQ0hmw6mt/tVGVO4CV1lgOd1qxUyfE//dVm
tPV6+/VXqxZEkMo1gXnNQAVbAyvW1R6kP74DOiLAXcpqIE+SdS3yDXCTFyjDngXv
DtowJBG9FUvtmOfvExZ8ZZ75Co3X9Wnb61uxQ1cAQTfIUprLC/MNHMe6xwmguc7z
5nig9Ir5mW0ZKa8ZPlshIdOlHiuQyDI4tS8QXFobNhIrw6rBoGw=
=sO39
-----END PGP SIGNATURE-----

--AP4yLcuEhuAVPnmd--

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?YFIp9KEVlSFgQyYp>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact