Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 28 Mar 2001 00:36:25 +0300
From:      Valentin Nechayev <netch@iv.nn.kiev.ua>
To:        Mark Murray <mark@grondar.za>
Cc:        freebsd-current@FreeBSD.ORG
Subject:   Re: random woes ("no RSA support in libssl and libcrypto")
Message-ID:  <20010328003625.A305@iv.nn.kiev.ua>
In-Reply-To: <200103270932.f2R9Vxf78104@gratis.grondar.za>; from mark@grondar.za on Tue, Mar 27, 2001 at 11:33:11AM %2B0200
References:  <20010327113405.A501@iv.nn.kiev.ua> <200103270932.f2R9Vxf78104@gratis.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help 
 Tue, Mar 27, 2001 at 11:33:11, mark (Mark Murray) wrote about "Re: random woes ("no RSA support in libssl and libcrypto")": 

> > Well, but it says about `options RANDOMDEV'. Later, `device random' was
> > invented instead of it. A few days ago I installed -CURRENT
> > (date=2001.03.25.12.00.00) with removing all previous content of /usr/lib
> > (which contained legacy since 3.1-RELEASE) and /usr/sbin/sshd began to refuse
> > supporting protocol 1 with identical message
> > (`no RSA support in libssl and libcrypto.  See ssl(8)'). Also,
> > kernel was build with `device random', and
> > 
> > netch@iv:/usr/HEAD/src/sys/i386/conf>egrep '(RSA|USA)' /etc/make.conf
> > # If you're resident in the USA, this will help various ports to determine
> > USA_RESIDENT=           NO
> > WITH_RSA=YES
> You missed (and deleted) the bit where it tells you to rerun MAKEDEV
> to rebuild your devices.

No, /dev/urandom was correct, 'MAKEDEV all' was run properly.
The only change was to remove old libraries, which are not installed
via installworld in modern -CURRENT, from /usr/lib.

> > And, my questions are
> > 1) What can happen to refuse RSA support in libcrypto, with environment
> > described above?
> An incorrect /dev/urandom

No.

> > 3) Can anybody provide more descriptive message when random device
> > works improperly?
> Yes. I'm working on making the random device itself moan at you.

Thank you for polite reply.;) But, the problem is not solved in this way.
That's why I asked some description how to diagnose these problems.
Instead of its I received random moans. Ok, thanks.


/netch

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010328003625.A305>