OpenSSL Ciphers

[xy16644]

I am interested in using the ChaCha20 Poly1305 cipher with OpenSSH. When I run openssl ciphers -v on a FreeBSD 10.1 STABLE machine that has OpenSSL 1.0.1l (the latest) I don't see this cipher but if I run the same command on a test OpenBSD 5.6 server it has this cipher (I'm assuming this is because it uses LibreSSL).

So is there a way to install/enable the ChaCha20 Poly1305 cipher on a FreeBSD server running OpenSSL?

 

[getopt]

If you do not find what you are looking for in the port options of OpenSSL where things can be en/disabled, you might inspect the Makefile of the port. In this file often some "hidden" options can be found and set by editing this file.
Another approach is using grep for recursively searching files in the /usr/ports/category/portname/work tree after having done make extract in the ports directory: grep -RI 'chacha|poly1305' /usr/ports/security/openssl

If you were to try the same on the LibreSSL directories you will get a conflict warning if you have OpenSSL installed. You need to remove security/openssl first.

Once you have removed OpenSSL you could install security/libressl substituting it. Now you would have what you were looking for, isn't it?