fatal: cipher_init: EVP_CipherInit: set key failed for aes128-cbc [preauth]
Garrett Wollman
wollman at bimajority.org
Tue Jul 30 12:57:53 UTC 2013
[Cc added, bdrewery@ who is the maintainer of security/openssh-portable]
<<On Tue, 30 Jul 2013 08:38:05 -0400, Mike Tancsa <mike at sentex.net> said:
> http://lists.freebsd.org/pipermail/svn-src-head/2013-May/047921.html
> Change the default in /etc/ssh/sshd_config to
No /etc/ssh here; this is ports openssh, not base (which doesn't exist
in my world).
> UsePrivilegeSeparation yes
> as it sounds like you have hardware crypto on the box and you are using
> UsePrivilegeSeparation sandbox
> which is broken
However, this fix does work (in /usr/local/etc/ssh/sshd_config).
Apparently security/openssh-portable needs a fix similar to the base
system head/crypto/openssh r251088.
-GAWollman
More information about the freebsd-security
mailing list