Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 27 Mar 2001 11:34:06 +0300
From:      Valentin Nechayev <netch@iv.nn.kiev.ua>
To:        Mark Murray <mark@grondar.za>
Cc:        freebsd-current@FreeBSD.ORG
Subject:   Re: random woes ("no RSA support in libssl and libcrypto")
Message-ID:  <20010327113405.A501@iv.nn.kiev.ua>
In-Reply-To: <200103191401.f2JE13f32088@gratis.grondar.za>; from mark@grondar.za on Mon, Mar 19, 2001 at 04:02:08PM %2B0200
References:  <20010319120932.A88999@enst.fr> <200103191401.f2JE13f32088@gratis.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help 
 Mon, Mar 19, 2001 at 16:02:08, mark (Mark Murray) wrote about "Re: random woes ("no RSA support in libssl and libcrypto")": 

> > ssh: no RSA support in libssl and libcrypto.  See ssl(8)
[...]
> > It seems the compatibility with the previous minor of urandom has
> > been silently removed (I assume this happened with the last
> > update/cleanup of the random device). It took me two hours to figure
> > it out.
> 
> See src/UPDATING 20000624

Well, but it says about `options RANDOMDEV'. Later, `device random' was
invented instead of it. A few days ago I installed -CURRENT
(date=2001.03.25.12.00.00) with removing all previous content of /usr/lib
(which contained legacy since 3.1-RELEASE) and /usr/sbin/sshd began to refuse
supporting protocol 1 with identical message
(`no RSA support in libssl and libcrypto.  See ssl(8)'). Also,
kernel was build with `device random', and

netch@iv:/usr/HEAD/src/sys/i386/conf>egrep '(RSA|USA)' /etc/make.conf
# If you're resident in the USA, this will help various ports to determine
USA_RESIDENT=           NO
WITH_RSA=YES

And, my questions are
1) What can happen to refuse RSA support in libcrypto, with environment
described above?
2) How can one diagnose reason of such problems without abusing studying
of libcrypto internals?
3) Can anybody provide more descriptive message when random device
works improperly?


/netch

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010327113405.A501>