OpenSSH ignores /etc/ssl/openssl.cnf

Victor Balada Diaz victor at bsdes.net
Mon Jun 3 07:24:34 UTC 2013


Hello,

While trying to configure padlock(4) engine as default engine for my system
i've noticed that OpenSSH ignores openssl.cnf. Ie:

$ truss openssl speed aes-128-cbc 2>&1  |grep -i openssl.cnf
open("/etc/ssl/openssl.cnf",O_RDONLY,0666)       = 3 (0x3)

$ truss scp -c aes128-cbc localhost:/tmp/foo /tmp/bar 2>&1 |grep -i openssl
$

How should i configure it without using openssl.cnf?

FreeBSD version: 9.0 and 9.1, i386 and amd64, with base openssl and openssh.

Regards.
Victor.
-- 
La prueba más fehaciente de que existe vida inteligente en otros
planetas, es que no han intentado contactar con nosotros. 


More information about the freebsd-security mailing list