bin/171809: sshd EVP_CipherInit: set key failed for aes128-cbc [preauth]

Trond Endrestøl Trond.Endrestol at
Sat Mar 9 14:30:03 UTC 2013

The following reply was made to PR bin/171809; it has been noted by GNATS.

From: =?ISO-8859-1?Q?Trond_Endrest=F8l?= <Trond.Endrestol at>
To: bug-followup at
Cc: freebsd at
Subject: Re: bin/171809: sshd EVP_CipherInit: set key failed for aes128-cbc
Date: Sat, 09 Mar 2013 15:22:17 +0100

 The very same issue has recently appeared in stable/9.
 I see tons of log messages like this one:
 Mar  8 00:00:00 <auth.crit> enterprise sshd[31525]: fatal: cipher_init: 
 EVP_CipherInit: set key failed for aes128-cbc [preauth]
 It all began after upgrading to:
 FreeBSD 9.1-STABLE FreeBSD 9.1-STABLE #0 
 r247533: Fri Mar  1 12:41:25 CET 2013 
 root at  amd64
 The OP runs a system based on AMD Geode LX with the Security Block 
 enabled, i.e. glxsb(4).
 My system is as follows:
 CPU: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz (3109.20-MHz K8-class CPU)
    Origin = "GenuineIntel"  Id = 0x206a7  Family = 0x6  Model = 0x2a 
 Stepping = 7
    AMD Features=0x28100800<SYSCALL,NX,RDTSCP,LM>
    AMD Features2=0x1<LAHF>
    TSC: P-state invariant, performance statistics
 real memory  = 8589934592 (8192 MB)
 avail memory = 8227381248 (7846 MB)
 Event timer "LAPIC" quality 600
 FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
 FreeBSD/SMP: 1 package(s) x 4 core(s)
   cpu0 (BSP): APIC ID:  0
   cpu1 (AP): APIC ID:  2
   cpu2 (AP): APIC ID:  4
   cpu3 (AP): APIC ID:  6
 ioapic0: Changing APIC ID to 2
 ioapic0 <Version 2.0> irqs 0-23 on motherboard
 kbd1 at kbdmux0
 cryptosoft0: <software crypto> on motherboard
 aesni0: <AES-CBC,AES-XTS> on motherboard
 Notice aesni(4) is enabled in my kernel.
 This would suggest the problem is either both in the aesni driver and in 
 the glxsb driver, or in some code common to these two drivers, or even 
 within OpenSSH itself.
 It would nice to see this issue being resolved once and for all, and at 
 the same time I urge you to suggest upstream that OpenSSH log messages 
 such as the one above always include the IPv4/IPv6 address and/or the 
 domain name of the client. Such a change makes it easier for DenyHosts 
 to blacklist attackers, not to mention us poor sysadmins.
 Trond Endrestøl                     |     Trond.Endrestol at
 ACM, NAS, NUUG, SAGE, USENIX        |       Mozilla Thunderbird 13.0.1

More information about the freebsd-bugs mailing list