Date: Sat, 28 Sep 2013 11:41:04 -0500 From: Bryan Drewery <bdrewery@FreeBSD.org> To: Garrett Wollman <wollman@bimajority.org> Cc: freebsd-security@freebsd.org Subject: Re: fatal: cipher_init: EVP_CipherInit: set key failed for aes128-cbc [preauth] Message-ID: <524706A0.1040804@FreeBSD.org> In-Reply-To: <20983.47182.194861.736615@hergotha.csail.mit.edu> References: <20983.43801.355884.938326@hergotha.csail.mit.edu> <51F7B3AD.1060703@sentex.net> <20983.47182.194861.736615@hergotha.csail.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --F9esMtJB5VCWcUFJNM4Tscx6XF8cKxjoC Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 7/30/2013 7:57 AM, Garrett Wollman wrote: > [Cc added, bdrewery@ who is the maintainer of security/openssh-portable= ] >=20 > <<On Tue, 30 Jul 2013 08:38:05 -0400, Mike Tancsa <mike@sentex.net> sai= d: >=20 >> http://lists.freebsd.org/pipermail/svn-src-head/2013-May/047921.html >=20 >> Change the default in /etc/ssh/sshd_config to >=20 > No /etc/ssh here; this is ports openssh, not base (which doesn't exist > in my world). >=20 >> UsePrivilegeSeparation yes >=20 >> as it sounds like you have hardware crypto on the box and you are usin= g >> UsePrivilegeSeparation sandbox >> which is broken >=20 > However, this fix does work (in /usr/local/etc/ssh/sshd_config). > Apparently security/openssh-portable needs a fix similar to the base > system head/crypto/openssh r251088. >=20 > -GAWollman >=20 Yup. I didn't realize I had put that into the port. Fixed for upcoming 6.3. Thanks, Bryan Drewery --F9esMtJB5VCWcUFJNM4Tscx6XF8cKxjoC Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJSRwagAAoJEG54KsA8mwz5Z8QP/1VMgZFxn1XqpE2Hbhp9miCR GZTHgnFqyYslt2/HyV82qTNcymHeSb4R4j4jBEo2eS/NC5eNBWc9Bl7juTrKlVF5 sc1yZVmbF/GoleJkKR0mhc7VqaPBc1l81WklrrYAivG5QV+GlfCylCEoGha8VluI N/qVvNg1VBSiZAahA9ZV4wJvdvLuB0jDzenwEYivyn3Q7PpiJmAaSj2WkPrtO3Ct FWXTT0LWh58qH3YRuX1CTCCEouzLOl/tWHndaV3w2QaRzH5oxvzn/QTkaguxp1Be /BVPDPbYDBKJ3SQFvRUcrrCzZdA3ROa+czM5Va5MM+XyOqYBRKAHInipuP9KPc55 fzq0CKLx1FkWhXFLxu948zqqCTCvY3l8V5RdJISrOnYY8lkfKaEpvGnF6T8k6Z8P 95YwTnUILfgEAepzUMLe7kGB9p1DpK3NwcBOvniV+jZ3hXr9m+c5N4gFS/qBQSFq kYq8/yrYyflLknLwRlCezF16ila+lhikx+vi1hqsoW/Nz16oIktT9grEfGxiEr5I WrWUYiWcb2EmxbXJAhcnSlQ7vbjipsHYzviUz1pYqAzWiyJ2WYyVfbyUeNp4yWBk WGkzHcgjMChMSGGyeguFvI5wzqWmIf/1p+UCVcumwwhT8771yZOOluM4sU7xnI+E wuRDQWgiwe8+k4fl1Eao =jXDC -----END PGP SIGNATURE----- --F9esMtJB5VCWcUFJNM4Tscx6XF8cKxjoC--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?524706A0.1040804>