Displaying 20 results from an estimated 900 matches similar to: "Crypto hw acceleration for openssl"
2010 Sep 03
2
seeking current supported crypto co-processors
Howdy,
<this messages is cross posted in freebsd-security and freebsd-net>
I'm seeking current cryptographic coprocessors supported in FreeBSD 8.x. By perusing through the crypto-dev (and subsequently referenced) man page(s) I found this list:
Hifn 7751/7951/7811/7955/7956 crypto accelerator
SafeNet 1141/1741
Bluesteel 5501/5601
Broadcom
2009 Jan 15
2
zfs drive keeps failing between export and import
I have a zpool that consists for a two-drive mirror. The two times I
took the zpool offline, I had to resilver one of the drives (the same
drive both times) when I imported it back. All drives in the pool
show no read, write, or checksum errors and are new, so I'm looking to
a software problem before hardware. Both drives are encrypted geli
devices. I tried to reproduce the error with 1GB
2008 Mar 17
1
hifn(4) causing system lockup
Hi all,
can someone comment on the state of the hifn(4) driver?
I've recently upgraded my 6.2-STABLE workstation to RELENG_7,
and I'm now experiencing system lockups that seem to be caused
by the hifn(4) driver.
I've got a Soekris vpn1401 card to help with GELI disk en-
cryption. Reading from a GELI volume is causing the system to
freeze completely, which does not happen if
2004 Jan 16
1
HiFn / FAST_IPSEC question
Hi,
Just got some of the new Soekris 1401 VPN cards based on the hifn 7955 chip.
hifn0 mem 0xe8510000-0xe8517fff,0xe8518000-0xe8519fff,0xe851a000-0xe851afff
irq 5 at device 0.0 on pci1
hifn0: Hifn 7955, rev 0, 32KB dram, 64 sessions
vs
hifn0 mem 0xeb902000-0xeb902fff,0xeb901000-0xeb901fff irq 10 at device 8.0
on pci0
hifn0: Hifn 7951, rev 0, 128KB sram, 193 sessions
When it says "n
2003 Jun 04
1
Broken -STABLE kernel build?
Is anyone else seeing this:
perl @/kern/makeops.pl -h @/opencrypto/crypto_if.m
rm -f .depend
mkdep -f .depend -a -nostdinc -D_KERNEL -DKLD_MODULE -I- -I. -I@ -I@/../include -I/usr/obj/usr/local/src-STABLE/src/i386/usr/include /usr/local/src-STABLE/src/sys/modules/hifn/../../dev/hifn/hifn7751.c
/usr/local/src-STABLE/src/sys/modules/hifn/../../dev/hifn/hifn7751.c:47: opt_hifn.h: No such file or
2003 Jul 22
2
Custom crypto in hardware
Hi Freebies!!
I know F-BSD 4.8 supports a framework in the kernel to use crypto
functions from hifn crypto cards. Is there any of these cards that
support custom crypto? What is the best route to go if I want to support
IPSec (and maybe other) crypto functions but with custom crypto
algorithms?
Any info or ideas will be appreciated.
Thanks
Peut
2003 Sep 18
2
[Fwd: Re: FreeBSD Security Advisory FreeBSD-SA-03:12.openssh]
Roger Marquis wrote:
> [snip]
>
>It takes all of 2 seconds to generate a ssh 2 new session on a
>500Mhz cpu (causing less than 20% utilization). Considering that
>99% of even the most heavily loaded servers have more than enough
>cpu for this task I don't really see it as an issue.
>
>Also, by generating a different key for each session you get better
>entropy,
2006 Jun 09
0
Data authentication for geli(8) committed to HEAD.
Hi.
geli(8) from FreeBSD-CURRENT is now able to perform data integrity
verification (data authentication) using one of the following
algorithms:
- HMAC/MD5
- HMAC/SHA1
- HMAC/RIPEMD160
- HMAC/SHA256
- HMAC/SHA384
- HMAC/SHA512
One of the main design goals was to make it reliable and resistant to
power failures or system crashes. This was very important to commit both
data update and HMAC
2011 Mar 18
5
modprobe :: not finding existing .ko
Hi! I try to load an module that it is found in curent
/lib/modules/`uname -r` tree ...
root at sevcenco: ~ # ls -l /lib/modules/`uname
-r`/kernel/drivers/crypto/padlock-*
-rwxr--r-- 1 root root 14296 Mar 16 19:37
/lib/modules/2.6.38-0.el5.elrepo/kernel/drivers/crypto/padlock-aes.ko
-rwxr--r-- 1 root root 10808 Mar 16 19:37
/lib/modules/2.6.38-0.el5.elrepo/kernel/drivers/crypto/padlock-sha.ko
2005 Feb 17
4
multiple crypto accelerator cards in one FreeBSD box
Hi there!
we are thinking of deploying a IPSEC VPN concentrator using multiple PCI bus
version VPN1401 cards in a FreeBSD box using hifn support..
From the technical specs in Soekris website
http://www.soekris.com/vpn1401.htm,
each card can support 24 to 70 connections. The question is if we
put 3 VPN1401 cards in a single box, does this mean the FreeBSD box can support
3 x (24 to 70) IPSEC
2015 Feb 25
2
[openssh with openssl cryptodev engine] sshd killed by seccomp filter
Hello
I have a server with an hardware crypto accelator.
For giving userspace access to it I use the cryptodev module (http://cryptodev-linux.org/)
I have also the cryptodev engine compiled in openssl.
When I modprobe the cryptodev module, I cannot login with ssh on the server.
The symptom can be found with dmesg:
audit: type=1326 audit(1424784807.257:3): auid=4294967295 uid=22 gid=22
2006 Mar 06
6
gmirror(8) and graid3(8) changes.
Hi.
Here you can find patches with changes to gmirror(8) and graid3(8):
http://people.freebsd.org/~pjd/patches/gmirror.7.patch
http://people.freebsd.org/~pjd/patches/graid3.patch
The patches does the following:
- Significant synchronization speed improvement. Now many parallel
synchronization I/O requests can be used instead of only one before.
Many people requested this.
- Close race
2008 Jan 20
1
OpenSSH + GeodeLX + Linux + Cryptodev = Corrupted MAC on input.
Hello,
I just set up Debian Lenny on a PCEngines ALIX. This board have a
GeodeLX processor with hardware crypto accelerator, so I patched my
kernel to get cryptodev support.
Everything is fine when playin with openssl, but openssh just crash when
a large amount of data is transfered.
A small example:
alix:~# scp 100meg.test localhost:/dev/null
root at localhost's password:
100meg.test
2005 Jul 29
1
booting gbde-encrypted filesystem
Hello,
I think there was already a thread on this. I just
want to raise the question again if anyone has successfully
booted an gdbe-encrypted filesystem (everything encrypted except
the bootloader). The passphrase is entered at the bootloader prompt
or embedded in the bootloader.
I appreciate any tips.
Thanks,
- ronnel
2003 Mar 26
1
Logging on the rsync server from a client connect
Please forgive me for the really dumb question following. I am a complete
newbie to rsync.
I have been trying to set up an rsync server and am unable to get any
logging.
I need to know if the following is possible.
I'm rsyncing from the client and connecting with ssh to an rsync server.
I can connect just fine and the files go with no problem.
I'm going from a
RedHat 7.3 with rsync
2008 Nov 18
3
OpenSSH performance with VIA padlock
Hello list,
please spend a minute considering these facts and maybe there is something to
improve:
1) VIA Eden based board can write AES256 encrypted information on HDD at >
60MB/s
2) iperf shows NIC speed 69MB/s
3) openssl tests have even better results
4) openssh can transfer AES256 encrypted information at < 27MB/s (and worse
with HDD encryption)
It is better with openssh 5.x, than
2016 Nov 02
5
OpenSSL 1.1.0 support
On Wed, 2 Nov 2016, Stuart Henderson wrote:
> On 2016-11-02, Jakub Jelen <jjelen at redhat.com> wrote:
> > The current set of patches are rebased on current upstream is attached
> > with few more tweaks needed to build, pass testsuite and make it work.
> > The upstream review and insight would be helpful.
>
> Since these are going to break things with LibreSSL,
2011 Jun 28
1
common error
I am trying to install centos 5.4 on a centos 5.2 xen host. Technically this
is rocks cluster and thats axillary software but the avalanch installer may
be the hiccup
this is what shows up in the xen log
any suggestions
Watching /local/domain/13/logdirty/next-active
xs_read(): vncpasswd get error.
/vm/84384fb8-e6a6-3a84-8027-e79b841fdc7b/vncpasswd.
char device redirected to /dev/pts/4
2005 Jul 13
2
mijail- Multiple IP's in a Jail
I have searched around the lists and Google and found this
HYPERLINK
"http://people.freebsd.org/~pjd/patches/jail_2004120901.patch"http://people.
freebsd.org/~pjd/patches/jail_2004120901.patch
I was wondering if anyone know of a multiple IP patch that works with
FreeBSD 5.4
I really do not understand why this is not included in the standard jail
I mean sure jail is handy for
2007 Apr 18
3
Virtualization + CPU w/crypto acceleration instructions
In a virtualized environment running Xen or VMware, can the guest
operating systems utilize hardware crypto acceleration such as the
"PadLock" AES acceleration built into VIA CPUs?
(Wasn't able to find this info in any of ~400 Google hits, so I'm
shooting it out a bit to let as many as possible benefit from the
answer.)