Re: sshd fails when using cryptodev-linux to compute hmac

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Wed, 9 Oct 2024, Peter Rashleigh wrote:

> > I'd suggest turning on LogVerbose=* so you can see which process
> > (represented by it's PID) is doing what, though that probably won't
> > be represented in the devcrypto debug messages unless you hack
> > something similar in.
>
> Too bad, I was hoping it was a tested/supported configuration. Since
> that doesn't seem to be the case, I suspect the easiest way forward
> for me is going to be disabling the openssl engine entirely so that
> openssh works properly. I doubt that hardware-accelerated crypto is
> going to have much benefit for SSH workloads anyway.

Yeah, we used to support /dev/crypto on OpenBSD and it only really
helped with pre-2005ish CPUs; the costs of massaging/moving the data
around and user/kernel context switching erased the gains. Maybe
this would be better if the application was explicitly designed for
the kernel interface, but OpenSSH isn't

Hardware-accelerated crypto is still a huge win when it doesn't need
to go via the kernel, e.g. AES-NI.

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux