OpenSSH ignores /etc/ssl/openssl.cnf
Victor Balada Diaz
victor at bsdes.net
Mon Jun 3 08:04:42 UTC 2013
On Mon, Jun 03, 2013 at 09:16:08AM +0200, Victor Balada Diaz wrote:
> Hello,
>
> While trying to configure padlock(4) engine as default engine for my system
> i've noticed that OpenSSH ignores openssl.cnf. Ie:
>
> $ truss openssl speed aes-128-cbc 2>&1 |grep -i openssl.cnf
> open("/etc/ssl/openssl.cnf",O_RDONLY,0666) = 3 (0x3)
>
> $ truss scp -c aes128-cbc localhost:/tmp/foo /tmp/bar 2>&1 |grep -i openssl
> $
>
> How should i configure it without using openssl.cnf?
>
> FreeBSD version: 9.0 and 9.1, i386 and amd64, with base openssl and openssh.
>
> Regards.
> Victor.
Found the problem:
https://bugzilla.mindrot.org/show_bug.cgi?id=1882
It's been fixed on HEAD and 9-STABLE. Is there any chance to get an errata update
for 9.1-RELEASE?
If not, i think it should be documented on the late breaking news of the errata
web page.
Thanks a lot.
Regards.
Victor.
--
La prueba más fehaciente de que existe vida inteligente en otros
planetas, es que no han intentado contactar con nosotros.
More information about the freebsd-security
mailing list