Date: Tue, 30 Jul 2013 08:38:05 -0400 From: Mike Tancsa <mike@sentex.net> To: Garrett Wollman <wollman@bimajority.org> Cc: freebsd-security@freebsd.org Subject: Re: fatal: cipher_init: EVP_CipherInit: set key failed for aes128-cbc [preauth] Message-ID: <51F7B3AD.1060703@sentex.net> In-Reply-To: <20983.43801.355884.938326@hergotha.csail.mit.edu> References: <20983.43801.355884.938326@hergotha.csail.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On 7/30/2013 8:01 AM, Garrett Wollman wrote: > Am I the only person to be seeing this log message from sshd: > > fatal: cipher_init: EVP_CipherInit: set key failed for aes128-cbc [preauth] > nice not to have my logs spammed with this. Currently running > openssh-portable-6.2.p2_3,1, and I think it started with upgrade to > 6.2. There is an open PR which can be closed now at http://www.freebsd.org/cgi/query-pr.cgi?pr=171809 which points to http://lists.freebsd.org/pipermail/svn-src-head/2013-May/047921.html Change the default in /etc/ssh/sshd_config to UsePrivilegeSeparation yes as it sounds like you have hardware crypto on the box and you are using UsePrivilegeSeparation sandbox which is broken ---Mike -- ------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada http://www.tancsa.com/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?51F7B3AD.1060703>