[openssh-commits] [openssh] 01/01: Recommend running LibreSSL or OpenSSL self-tests.
git+noreply at mindrot.org
git+noreply at mindrot.org
Mon Dec 9 17:25:01 AEDT 2019
This is an automated email from the git hooks/post-receive script.
dtucker pushed a commit to branch master
in repository openssh.
commit b66fa5da25c4b5b67cf9f0ce7af513f5a6a6a686
Author: Darren Tucker <dtucker at dtucker.net>
Date: Mon Dec 9 17:23:22 2019 +1100
Recommend running LibreSSL or OpenSSL self-tests.
---
INSTALL | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/INSTALL b/INSTALL
index 46fc9e98..5057dc28 100644
--- a/INSTALL
+++ b/INSTALL
@@ -31,6 +31,10 @@ If you must use a non-position-independent libcrypto, then you may need
to configure OpenSSH --without-pie. Note that due to a bug in EVP_CipherInit
OpenSSL 1.1 versions prior to 1.1.0g can't be used.
+If you build either from source, running the OpenSSL self-test ("make
+tests") or the LibreSSL equivalent ("make check") and ensuring that all
+tests pass is strongly recommended.
+
NB. If you operating system supports /dev/random, you should configure
libcrypto (LibreSSL/OpenSSL) to use it. OpenSSH relies on libcrypto's
direct support of /dev/random, or failing that, either prngd or egd.
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list