On Wed, 9 Oct 2024, Peter Rashleigh wrote: > > I'd suggest turning on LogVerbose=* so you can see which process > > (represented by it's PID) is doing what, though that probably won't > > be represented in the devcrypto debug messages unless you hack > > something similar in. > > Too bad, I was hoping it was a tested/supported configuration. Since > that doesn't seem to be the case, I suspect the easiest way forward > for me is going to be disabling the openssl engine entirely so that > openssh works properly. I doubt that hardware-accelerated crypto is > going to have much benefit for SSH workloads anyway. Yeah, we used to support /dev/crypto on OpenBSD and it only really helped with pre-2005ish CPUs; the costs of massaging/moving the data around and user/kernel context switching erased the gains. Maybe this would be better if the application was explicitly designed for the kernel interface, but OpenSSH isn't Hardware-accelerated crypto is still a huge win when it doesn't need to go via the kernel, e.g. AES-NI. -d _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev