FreeBSD OpenSSL broken

2006-10-08 Thread Girish Venkatachalam
Hi,

I have been seeing scp xfers failing mysteriously with a Corrupted MAC 
on input error. This occurred more or less sporadically but for huge files it 
was sure to occur. I suspected the ethernet card and got it changed.

Next, I suspected RAM since I used to get failed compiles saying 
internal compiler error and segfault. This had nothing to do with the other 
problems since if I issue compile again it used to go thro'.

And the md5 and sha1 commands never worked. They always used to give 
corrupted results. Then I just gave up and moved on. I tried installing gentoo 
on that machine and did a memtest and it went fine.

Anyway coming to the point, I am running 6.0 FreeBSD.

I have come across the following cases.

a) A person in Sweden had trouble with HTTPS and I solved it by 
reinstalling OpenSSL (check the archives, I think it was more than two months 
ago)
b) Recently two persons had severe trouble with OpenSSH

At last I tried the same medicine I have been prescribing to others and 
with God's grace :-) , my MD5 and SHA1 started matching...

I have other machines in LAN running OpenBSD and Debian. I try matching 
the checksums with those boxes.

And the only common factor and culprit is ... yes, OpenSSL.

I urge all of you to make life simpler with this.

# cd /usr/ports/security/openssl
# make deinstall (it may fail, no problem :-)
# make reinstall

Enjoy guys! :-)

I might fix the real problem if I get time. Or one of u can too.

What makes me wonder is how come this problem has gone unnoticed for so 
long...

regards,
Girish
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
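
Added example, not part of the original thread: a way to run the checksum comparison described in the message above on a single machine, checking MD5 and SHA-1 against their published test vectors for "abc" and hashing one file repeatedly to see whether the digest stays the same. The function names, the run count and the zero-filled temporary file are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the thread): MD5/SHA-1 self-checks on one host.

# Print the lowercase hex digest of stdin; $1 is "md5" or "sha1".
# Uses openssl if present, else FreeBSD md5/sha1, else GNU md5sum/sha1sum.
hexdigest() {
    if command -v openssl >/dev/null 2>&1; then
        openssl dgst "-$1" | sed 's/^.*= *//'
    elif command -v "$1" >/dev/null 2>&1; then
        "$1" -q
    else
        "${1}sum" | cut -d' ' -f1
    fi
}

# Known-answer test: digest of the 3-byte message "abc" compared with the
# published vector (RFC 1321 for MD5, FIPS 180 for SHA-1). Returns 0 on match.
kat() {
    case "$1" in
        md5)  want=900150983cd24fb0d6963f7d28e17f72 ;;
        sha1) want=a9993e364706816aba3e25717850c26c9cd0d89d ;;
        *)    return 2 ;;
    esac
    [ "$(printf 'abc' | hexdigest "$1")" = "$want" ]
}

# Hash file $2 $3 times and print how many distinct digests were produced.
# 1 means stable output; above 1 means identical input hashed differently
# between runs on this machine.
distinct_digests() {
    n=0
    while [ "$n" -lt "$3" ]; do
        hexdigest "$1" < "$2"
        n=$((n + 1))
    done | sort -u | wc -l | tr -d ' '
}

# Constructed input: 16 MiB of zero bytes in a temporary file.
tmp=$(mktemp) && trap 'rm -f "$tmp"' EXIT
dd if=/dev/zero of="$tmp" bs=1024 count=16384 2>/dev/null

for a in md5 sha1; do
    kat "$a" && echo "$a known-answer: ok" || echo "$a known-answer: MISMATCH"
    echo "$a distinct digests over 5 runs: $(distinct_digests "$a" "$tmp" 5)"
done
```
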


Re: FreeBSD OpenSSL broken

2006-10-08 Thread Erik Norgaard

Girish Venkatachalam wrote:

> Hi,
>
> I have been seeing scp xfers failing mysteriously with a Corrupted MAC on 
> input error. This occurred more or less sporadically but for huge files it was sure 
> to occur. I suspected the ethernet card and got it changed.
>
> Next, I suspected RAM since I used to get failed compiles saying internal 
> compiler error and segfault. This had nothing to do with the other problems since if 
> I issue compile again it used to go thro'.
>
> And the md5 and sha1 commands never worked. They always used to give 
> corrupted results. Then I just gave up and moved on. I tried installing gentoo 
> on that machine and did a memtest and it went fine.
>
> Anyway coming to the point, I am running 6.0 FreeBSD.
>
> I have come across the following cases.
>
> a) A person in Sweden had trouble with HTTPS and I solved it by 
> reinstalling OpenSSL (check the archives, I think it was more than two months 
> ago)
> b) Recently two persons had severe trouble with OpenSSH
>
> At last I tried the same medicine I have been prescribing to others and 
> with God's grace :-) , my MD5 and SHA1 started matching...
>
> I have other machines in LAN running OpenBSD and Debian. I try matching 
> the checksums with those boxes.
>
> And the only common factor and culprit is ... yes, OpenSSL.
>
> I urge all of you to make life simpler with this.
>
> # cd /usr/ports/security/openssl
> # make deinstall (it may fail, no problem :-)
> # make reinstall
>
> Enjoy guys! :-)
>
> I might fix the real problem if I get time. Or one of u can too.
>
> What makes me wonder is how come this problem has gone unnoticed for so 
> long...


Two weeks ago a security advisory regarding FBSD/OpenSSL was announced, 
two days later FBSD/OpenSSH. I don't know if this is related to the 
problem you describe.


The advisory for OpenSSL is to update your source and build/install 
world. Then you must rebuild all applications that link against OpenSSL 
in base. For OpenSSH you only need to rebuild that, but this will be 
done in the step above.


If you use OpenSSL/SSH from ports then these may or may not have been 
patched, but the result is the same with respect to rebuilding 
applications linking against a broken OpenSSL.


Anyway, if you use OpenSSL/SSH from ports then it is NOT FreeBSD OpenSSL 
that is broken, it's the port that may be, and then the problem may be 
an entirely different one.


Try first switching to OpenSSL/SSH in base, I have no problem with those.

Cheers, Erik

--
Ph: +34.666334818  web: http://www.locolomo.org
X.509 Certificate: http://www.locolomo.org/crt/8D03551FFCE04F0C.crt
Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9