> On Dec 6, 2018, at 4:04 PM, Xin LI <delp...@gmail.com> wrote: > > On Thu, Dec 6, 2018 at 11:37 AM John Nielsen <li...@jnielsen.net> wrote: >> >> I have upgraded two physical machines from 11-STABLE to 12-STABLE recently >> (one is 12.0-PRERELEASE r341380 and the other is 12.0-PRERELEASE r341391). I >> noticed today that neither machine seems to be utilizing /dev/crypto. >> Typically I see at least ssh/sshd have the device open plus some programs >> from ports. But 'fuser' doesn't list any processes on either machine: >> >> # fuser /dev/crypto >> /dev/crypto: >> >> Both machines are running custom kernels that include "device crypto" and >> "device cryptodev". One of them additionally has "device aesni". >> >> Is anyone else seeing this? Any idea what would cause it? > > Your average OpenSSL applications should not use /dev/crypto, if your > goal is to utilize AES-NI (which does not require /dev/crypto). On > capable systems, AES-NI would be used automatically (and it's faster > this way).
Thanks for the response. Is there a way to verify that AES-NI is being used for e.g. ssh? I'm also curious why/when/how the change to not use (or support?) /dev/crypto from base openssl was made. _______________________________________________ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
