Thread: [Ocf-linux-users] openssh link to openssl?
Brought to you by:
david-m
Menu
▾
▴
ocf-linux-users
|
From: Albert L. <alb...@gm...> - 2007-09-26 14:52:15
|
Hello, Nice work on ocf-linux. I've got a geode lx800 which has an aes block, and the driver automatically makes it available to the linux cryptoapi. I've tested with cryptotest and it works with the cryptodev module, and I patched openssl-0.9.8e and achieved positive results as well. I have the original openssl shipped with ubuntu in /usr/ssl, and the patched version in /usr/local/ssl. Although I read you don't have to patch openssh, I assumed you'd have to link it to the patched version of openssl. I did so using the most recent version of openssh, and configured like so: ./configure --with-ssl-dir=/usr/local/ssl --with-ssl-engine It builds fine, but when I try to scp a file I get a corrupted MAC error. I can ssh but I do get errors: debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 logout debug1: channel 0: free: client-session, nchannels 1 Connection to 192.168.0.32 closed. debug1: Transferred: stdin 0, stdout 0, stderr 36 bytes in 10.1 seconds debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 3.6 debug1: Exit status 0 Any ideas? Thanks, Albert -- My Blogs: http://www.docunext.com/ http://www.albertlash.com/ |
|
From: David M. <Dav...@se...> - 2007-09-26 15:41:00
|
Jivin Albert Lash lays it down ... > Hello, > > Nice work on ocf-linux. I've got a geode lx800 which has an aes block, > and the driver automatically makes it available to the linux > cryptoapi. I've tested with cryptotest and it works with the cryptodev > module, and I patched openssl-0.9.8e and achieved positive results as > well. > > I have the original openssl shipped with ubuntu in /usr/ssl, and the > patched version in /usr/local/ssl. Although I read you don't have to > patch openssh, I assumed you'd have to link it to the patched version > of openssl. I did so using the most recent version of openssh, and > configured like so: > > ./configure --with-ssl-dir=/usr/local/ssl --with-ssl-engine > > It builds fine, but when I try to scp a file I get a corrupted MAC > error. I can ssh but I do get errors: > > debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 > logout > debug1: channel 0: free: client-session, nchannels 1 > Connection to 192.168.0.32 closed. > debug1: Transferred: stdin 0, stdout 0, stderr 36 bytes in 10.1 seconds > debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 3.6 > debug1: Exit status 0 If you remove /dev/crypto does it still fail ? If not then OCF is most likely to blame. Which ocf version are you using ? Then I can check to see if there are any updates we have made that may apply to what you are doing :-) Cheers, Davidm -- David McCullough, dav...@se..., Ph:+61 734352815 Secure Computing - SnapGear http://www.uCdot.org http://www.cyberguard.com |
|
From: Albert L. <alb...@gm...> - 2007-09-26 16:08:43
|
---------- Forwarded message ---------- From: Albert Lash <alb...@gm...> Date: Sep 26, 2007 12:05 PM Subject: Re: [Ocf-linux-users] openssh link to openssl? To: David McCullough <Dav...@se...> Hi David, If I rmmod cryptodev then it no longer fails. I am using ocf-linux-20070727 patching linux-source-2.6.22. Let me know if there is any more pertinent information I can send. Albert On 9/26/07, David McCullough <Dav...@se...> wrote: > > Jivin Albert Lash lays it down ... > > Hello, > > > > Nice work on ocf-linux. I've got a geode lx800 which has an aes block, > > and the driver automatically makes it available to the linux > > cryptoapi. I've tested with cryptotest and it works with the cryptodev > > module, and I patched openssl-0.9.8e and achieved positive results as > > well. > > > > I have the original openssl shipped with ubuntu in /usr/ssl, and the > > patched version in /usr/local/ssl. Although I read you don't have to > > patch openssh, I assumed you'd have to link it to the patched version > > of openssl. I did so using the most recent version of openssh, and > > configured like so: > > > > ./configure --with-ssl-dir=/usr/local/ssl --with-ssl-engine > > > > It builds fine, but when I try to scp a file I get a corrupted MAC > > error. I can ssh but I do get errors: > > > > debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 > > logout > > debug1: channel 0: free: client-session, nchannels 1 > > Connection to 192.168.0.32 closed. > > debug1: Transferred: stdin 0, stdout 0, stderr 36 bytes in 10.1 seconds > > debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 3.6 > > debug1: Exit status 0 > > If you remove /dev/crypto does it still fail ? > > If not then OCF is most likely to blame. Which ocf version are you using ? > Then I can check to see if there are any updates we have made that may > apply to what you are doing :-) > > Cheers, > Davidm > > -- > David McCullough, dav...@se..., Ph:+61 734352815 > Secure Computing - SnapGear http://www.uCdot.org http://www.cyberguard.com > -- My Blogs: http://www.docunext.com/ http://www.albertlash.com/ -- My Blogs: http://www.docunext.com/ http://www.albertlash.com/ |
|
From: David M. <Dav...@se...> - 2007-09-28 14:55:22
|
Jivin Albert Lash lays it down ... > Hi David, > > If I rmmod cryptodev then it no longer fails. I am using > ocf-linux-20070727 patching linux-source-2.6.22. Nothing we have since that release will help you, only some cleanups and ixp updates. You have the appropriate cryptoAPI algs turned on ? I am guessing so. I'll be offline for a few days so even tardier than usual :-) About the only thing I think to send is the debug output when running cryptosoft/cryptodev with debug enabled. See the install doc for instructions. Cheers, Davidm > Let me know if there is any more pertinent information I can send. > > Albert > > On 9/26/07, David McCullough <Dav...@se...> wrote: > > > > Jivin Albert Lash lays it down ... > > > Hello, > > > > > > Nice work on ocf-linux. I've got a geode lx800 which has an aes block, > > > and the driver automatically makes it available to the linux > > > cryptoapi. I've tested with cryptotest and it works with the cryptodev > > > module, and I patched openssl-0.9.8e and achieved positive results as > > > well. > > > > > > I have the original openssl shipped with ubuntu in /usr/ssl, and the > > > patched version in /usr/local/ssl. Although I read you don't have to > > > patch openssh, I assumed you'd have to link it to the patched version > > > of openssl. I did so using the most recent version of openssh, and > > > configured like so: > > > > > > ./configure --with-ssl-dir=/usr/local/ssl --with-ssl-engine > > > > > > It builds fine, but when I try to scp a file I get a corrupted MAC > > > error. I can ssh but I do get errors: > > > > > > debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 > > > logout > > > debug1: channel 0: free: client-session, nchannels 1 > > > Connection to 192.168.0.32 closed. > > > debug1: Transferred: stdin 0, stdout 0, stderr 36 bytes in 10.1 seconds > > > debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 3.6 > > > debug1: Exit status 0 > > > > If you remove /dev/crypto does it still fail ? > > > > If not then OCF is most likely to blame. Which ocf version are you using ? > > Then I can check to see if there are any updates we have made that may > > apply to what you are doing :-) > > > > Cheers, > > Davidm > > > > -- > > David McCullough, dav...@se..., Ph:+61 734352815 > > Secure Computing - SnapGear http://www.uCdot.org http://www.cyberguard.com > > > > > -- > My Blogs: > http://www.docunext.com/ > http://www.albertlash.com/ > -- David McCullough, dav...@se..., Ph:+61 734352815 Secure Computing - SnapGear http://www.uCdot.org http://www.cyberguard.com |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X