[Bug 1882] New: Since 5.7p1 OpenSSH doesn't take advantage of OpenSSL hardware engine
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Sun Mar 27 04:52:07 EST 2011
https://bugzilla.mindrot.org/show_bug.cgi?id=1882
Summary: Since 5.7p1 OpenSSH doesn't take advantage of OpenSSL
hardware engine
Product: Portable OpenSSH
Version: 5.7p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: scp
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: opod at nic-nac-project.org
I have a VIA C7 box which supports hardware acceleration for aes-cbc
with OpenSSL 'padlock' engine.
I have defined the padlock engine as default in /etc/ssl/openssl.conf
and it has worked for OpenSSH versions 5.4p1 through 5.6p1. With 5.7p1
and 5.8p1 the hardware acceleration is no longer used.
Both OpenSSH versions are configured as such:
./configure --prefix=/usr --libexecdir=/usr/lib/ssh \
--sysconfdir=/etc/ssh --with-tcp-wrappers
--with-privsep-user=nobody \
--with-md5-passwords --with-pam --with-mantype=man
--mandir=/usr/share/man \
--with-xauth=/usr/bin/xauth --with-kerberos5=/usr
--with-ssl-engine \
--with-libedit=/usr/lib
I am enclosing verbose client logs, but I don't know if they will be of
any use. I'll be happy to provide any additional information that is
required.
I am filing this against scp as this is how I can verify if the
hardware acceleration is working or not, but this is probably a deeper
problem.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list