So it looks like SuSE has a openssl-z990 rpm. So then it would be a matter of getting OpenSSH to work with that?
Marcy Cortes (415) 243-6343 "This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose, or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation." -----Original Message----- From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of David Boyes Sent: Friday, March 25, 2005 11:43 AM To: [email protected] Subject: Re: [LINUX-390] CVS > So this is the kind of thing I could point at a crypto engine if I had > one? If, if, if.... IF you had a crypto engine, and IF you had the OpenSSL package compiled with the IBM modifications to enable the Cryptoki crypto interface to the crypto engine, and IF you had OpenSSH recompiled to use the modified OpenSSL libraries, and IF all this didn't do harm to your support agreement, then you could probably get some benefit. Right now, all the ssh crypto is done in software, and CVS does a lot of connection setup and teardown which is where the asymmetric crypto (the really expensive part of the crypto exchange) gets done. Use of the routines in Cryptoki would help, but as you can see from above, it's not gonna be simple. ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
