key_verify failed for server_host_key solution
Mark Boolootian
booloo at ucsc.edu
Tue Aug 17 11:55:40 PDT 2004
Folks,
I found that SSH broke after an upgrade to 4.10 stable. The
problem I saw was the same one reported by Daren Desjardins
back in March. The symptom is a client failing to establish a
connection with the complaint:
key_verify failed for server_host_key
The culprit turns out to be a problem in libcrypto that is tickled
by too aggressive optimization settings.
When building 4.10, my make.conf included:
CFLAGS= -O -pipe -funroll-loops -ffast-math
COPTFLAGS= -O -pipe -funroll-loops -ffast-math
By removing both the unroll-loops and fast-math optimizations,
and rebuilding libcrypto, the problem disappears. For anyone
unfamiliar with rebuilding libcrypto, the following should do the
job:
cd /usr/src/secure/lib/libcrypto
make clean
make obj && make depend && make all install
mb
More information about the freebsd-stable
mailing list