I have updated OpenSSL from ports and it appears to have worked successfully.
Reading these forums, I was aware that a rebuild of world was required to ensure the newer libraries were used. I added
to /etc/make.conf and did a full world rebuild.
On reboot, I am greeted with OpenSSH errors on startup and no SSHD running. When I attempt to start it manually, I get the same error (with new PIDs)
Likely related, and equally annoying... World's OpenSSL is still the old version
I then attempted to replace old OpenSSL with new OpenSSL
Still no joy. So I tried it with libcrypto.so.
Again, no joy. So I rebuilt world again with this hybrid OpenSSL solution. Still no joy.
Am I missing something here?
Code:
$ openssl version
OpenSSL 0.9.8q 2 Dec 2010
$ /usr/local/bin/openssl version
OpenSSL 1.0.1c 10 May 2012
Reading these forums, I was aware that a rebuild of world was required to ensure the newer libraries were used. I added
Code:
WITH_OPENSSL_PORT=YES
On reboot, I am greeted with OpenSSH errors on startup and no SSHD running. When I attempt to start it manually, I get the same error (with new PIDs)
Code:
$ sudo service sshd start
Starting sshd.
Auto configuration failed
1706: error:0608A093:digital envelope routines:ALG_MODULE_INIT: fips mode not
supported:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/evp/evp_cnf.c:106:
1706: error:0E07606D:configuration file routine:MODULE_RUN:module initiliazation
error:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/conf/conf_mod.c:235:module=alg_section,
value=algs, retcode=-1
/etc/rc.d/sshd: WARNING: failed to start sshd
Likely related, and equally annoying... World's OpenSSL is still the old version
Code:
$ openssl version
OpenSSL 0.9.8q 2 Dec 2010
$ /usr/local/bin/openssl version
OpenSSL 1.0.1c 10 May 2012
I then attempted to replace old OpenSSL with new OpenSSL
Code:
$ mv /usr/bin/openssl /usr/bin/openssl.098q
ln -s /usr/local/bin/openssl /usr/bin/openssl
Still no joy. So I tried it with libcrypto.so.
Code:
mv /usr/lib/libcrypto.so /usr/libcrypto.so.back
ln -s /usr/local/lib/libcrypto.so.8 /usr/lib/libcrypto.so
Again, no joy. So I rebuilt world again with this hybrid OpenSSL solution. Still no joy.
Am I missing something here?