On 7/30/2013 7:57 AM, Garrett Wollman wrote: > [Cc added, bdrewery@ who is the maintainer of security/openssh-portable] > > <<On Tue, 30 Jul 2013 08:38:05 -0400, Mike Tancsa <[email protected]> said: > >> http://lists.freebsd.org/pipermail/svn-src-head/2013-May/047921.html > >> Change the default in /etc/ssh/sshd_config to > > No /etc/ssh here; this is ports openssh, not base (which doesn't exist > in my world). > >> UsePrivilegeSeparation yes > >> as it sounds like you have hardware crypto on the box and you are using >> UsePrivilegeSeparation sandbox >> which is broken > > However, this fix does work (in /usr/local/etc/ssh/sshd_config). > Apparently security/openssh-portable needs a fix similar to the base > system head/crypto/openssh r251088. > > -GAWollman >
Yup. I didn't realize I had put that into the port. Fixed for upcoming 6.3. Thanks, Bryan Drewery
signature.asc
Description: OpenPGP digital signature
