From root@cakebox.homeunix.net  Thu Sep 20 11:27:52 2012
Return-Path: <root@cakebox.homeunix.net>
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 9FCC0106566C
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 20 Sep 2012 11:27:52 +0000 (UTC)
	(envelope-from root@cakebox.homeunix.net)
Received: from mo6-p05-ob.rzone.de (mo6-p05-ob.rzone.de [IPv6:2a01:238:20a:202:5305::1])
	by mx1.freebsd.org (Postfix) with ESMTP id 027E58FC14
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 20 Sep 2012 11:27:51 +0000 (UTC)
Received: from cakebox.homeunix.net
	(164-010-186-093.dialin.vsenet.de [93.186.10.164])
	by smtp.strato.de (joses mo43) (RZmta 30.16 DYNA|AUTH)
	with (DHE-RSA-AES256-SHA encrypted) ESMTPA id Q063c8o8KAvYVo
	for <FreeBSD-gnats-submit@freebsd.org>;
	Thu, 20 Sep 2012 13:27:50 +0200 (CEST)
Received: from cakebox.homeunix.net (localhost [127.0.0.1])
	by cakebox.homeunix.net (Postfix) with ESMTP id 9397E67C7A
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 20 Sep 2012 13:27:35 +0200 (CEST)
Received: by cakebox.homeunix.net (Postfix, from userid 0)
	id F053F67C72; Thu, 20 Sep 2012 13:27:33 +0200 (CEST)
Message-Id: <20120920112733.F053F67C72@cakebox.homeunix.net>
Date: Thu, 20 Sep 2012 13:27:33 +0200 (CEST)
From: freebsd@nagilum.org
Reply-To: freebsd@nagilum.org
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: sshd EVP_CipherInit: set key failed for aes128-cbc [preauth]
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         171809
>Category:       bin
>Synopsis:       sshd EVP_CipherInit: set key failed for aes128-cbc [preauth]
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Sep 20 11:30:09 UTC 2012
>Closed-Date:    Tue Sep 17 01:32:48 UTC 2013
>Last-Modified:  Tue Sep 17 01:32:48 UTC 2013
>Originator:     freebsd@nagilum.org
>Release:        FreeBSD 10.0-CURRENT i386
>Organization:
>Environment:
System: FreeBSD cakebox.tis 10.0-CURRENT FreeBSD 10.0-CURRENT #0 r240553M: Tue Sep 18 00:11:57 CEST 2012 root@cakebox.tis:/usr/obj/export/src/sys/net5501 i386

Geode LX: Soekris net5501 comBIOS ver. 1.33 20070103 Copyright (C) 2000-2007
glxsb0: <AMD Geode LX Security Block (AES-128-CBC, RNG)> mem 0xa0000000-0xa0003fff irq 10 at device 1.2 on pci0

OpenSSH_6.1p1, OpenSSL 1.0.1c 10 May 2012

>Description:
	Some ssh clients can't connect due to this error:
Sep 20 13:07:52 cakebox sshd[33872]: fatal: cipher_init: EVP_CipherInit: set key failed for aes128-cbc [preauth]

	This might be related:
	https://forums.oracle.com/forums/thread.jspa?messageID=8310143
	but that's about ctr and not cbc

>How-To-Repeat:
	build and run current on a machine with glxsb, connect with this ssh:
OpenSSH_5.0 NetBSD_Secure_Shell-20080403, OpenSSL 0.9.9-dev 09 May 2008
	FreeBSD's ssh and Linux (OpenSSH_5.9p1 Debian-5ubuntu1, OpenSSL 1.0.1 14 Mar 2012)
	have no issues.

>Fix:

	unknown (I could probably disable glxsb0 but that would be a lame escape)
>Release-Note:
>Audit-Trail:

From: Alexander Kühn <alexander.kuehn@nagilum.de>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/171809: sshd EVP_CipherInit: set key failed for aes128-cbc
 [preauth]
Date: Thu, 20 Sep 2012 13:45:16 +0200

 "ssh -vvv" output:
 
 debug2: mac_setup: found hmac-md5
 debug1: REQUESTED ENC.NAME is 'aes128-cbc'
 debug1: kex: server->client aes128-cbc hmac-md5 zlib@openssh.com
 debug2: mac_setup: found hmac-md5
 debug1: REQUESTED ENC.NAME is 'aes128-cbc'
 debug1: kex: client->server aes128-cbc hmac-md5 zlib@openssh.com
 debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
 debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
 debug2: dh_gen_key: priv key bits set: 125/256
 debug2: bits set: 528/1024
 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
 debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
 Connection closed by 93.186.10.164

From: Trond Endrestøl <Trond.Endrestol@ximalas.info>
To: bug-followup@FreeBSD.org
Cc: freebsd@nagilum.org
Subject: Re: bin/171809: sshd EVP_CipherInit: set key failed for aes128-cbc
 [preauth]
Date: Sat, 09 Mar 2013 15:22:17 +0100

 Hi,
 
 The very same issue has recently appeared in stable/9.
 I see tons of log messages like this one:
 
 Mar  8 00:00:00 <auth.crit> enterprise sshd[31525]: fatal: cipher_init: EVP_CipherInit: set key failed for aes128-cbc [preauth]
 
 It all began after upgrading to:
 
 FreeBSD enterprise.ximalas.info 9.1-STABLE FreeBSD 9.1-STABLE #0 r247533: Fri Mar  1 12:41:25 CET 2013 root@enterprise.ximalas.info:/usr/obj/usr/src/sys/ENTERPRISE  amd64
 
 The OP runs a system based on AMD Geode LX with the Security Block 
 enabled, i.e. glxsb(4).
 
 My system is as follows:
 
 CPU: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz (3109.20-MHz K8-class CPU)
    Origin = "GenuineIntel"  Id = 0x206a7  Family = 0x6  Model = 0x2a  Stepping = 7
    Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE>
    Features2=0x1fbae3ff<SSE3,PCLMULQDQ,DTES64,MON,DS_CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,TSCDLT,AESNI,XSAVE,OSXSAVE,AVX>
    AMD Features=0x28100800<SYSCALL,NX,RDTSCP,LM>
    AMD Features2=0x1<LAHF>
    TSC: P-state invariant, performance statistics
 real memory  = 8589934592 (8192 MB)
 avail memory = 8227381248 (7846 MB)
 Event timer "LAPIC" quality 600
 ACPI APIC Table: <GBT    GBTUACPI>
 FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
 FreeBSD/SMP: 1 package(s) x 4 core(s)
   cpu0 (BSP): APIC ID:  0
   cpu1 (AP): APIC ID:  2
   cpu2 (AP): APIC ID:  4
   cpu3 (AP): APIC ID:  6
 ioapic0: Changing APIC ID to 2
 ioapic0 <Version 2.0> irqs 0-23 on motherboard
 kbd1 at kbdmux0
 cryptosoft0: <software crypto> on motherboard
 aesni0: <AES-CBC,AES-XTS> on motherboard
 
 Notice aesni(4) is enabled in my kernel.
 
 This would suggest the problem is either in both the aesni driver and in 
 the glxsb driver, or in some code common to these two drivers, or even 
 within OpenSSH itself.
 
 It would be nice to see this issue being resolved once and for all, and at 
 the same time I urge you to suggest upstream that OpenSSH log messages 
 such as the one above always include the IPv4/IPv6 address and/or the 
 domain name of the client. Such a change makes it easier for DenyHosts 
 to blacklist attackers, not to mention us poor sysadmins.
 
 -- 
 ----------------------------------------------------------------------
 Trond Endrestøl                    |     Trond.Endrestol@ximalas.info
 ACM, NAS, NUUG, SAGE, USENIX        |       Mozilla Thunderbird 13.0.1
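
The fatal line above carries no client address, but the address can be recovered from the surrounding log. The following is an added example, not part of this PR or of OpenSSH: it pairs each cipher_init failure with the "Connection from" line logged under the same sshd PID, assuming LogLevel VERBOSE is set in sshd_config and that both lines carry the same PID; the sample log, addresses and function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample. The fatal lines use the format quoted in this PR; the
# "Connection from" lines assume LogLevel VERBOSE. Addresses are from
# documentation ranges, PIDs other than 31525 are made up.
SAMPLE_LOG = """\
Mar  8 00:00:00 <auth.info> enterprise sshd[31525]: Connection from 192.0.2.10 port 40112
Mar  8 00:00:00 <auth.crit> enterprise sshd[31525]: fatal: cipher_init: EVP_CipherInit: set key failed for aes128-cbc [preauth]
Mar  8 00:00:03 enterprise sshd[31530]: Connection from 2001:db8::7 port 51514
Mar  8 00:00:04 enterprise sshd[31530]: Accepted publickey for alice from 2001:db8::7 port 51514 ssh2
Mar  8 00:00:09 enterprise sshd[31541]: Connection from 192.0.2.10 port 40120
Mar  8 00:00:09 enterprise sshd[31541]: fatal: cipher_init: EVP_CipherInit: set key failed for aes128-cbc [preauth]
Mar  8 00:00:12 enterprise sshd[31550]: fatal: cipher_init: EVP_CipherInit: set key failed for aes128-cbc [preauth]
"""

SSHD = re.compile(r"sshd\[(\d+)\]: (.*)$")
CONN = re.compile(r"Connection from (\S+) port \d+")
FAIL = re.compile(r"fatal: cipher_init: EVP_CipherInit: set key failed for (\S+) \[preauth\]")


def correlate(lines):
    """Return (pid, cipher, client) per cipher_init failure; client is None if unseen."""
    peer = {}      # sshd PID -> client address from its "Connection from" line
    found = []
    for line in lines:
        m = SSHD.search(line)
        if not m:
            continue
        pid, msg = m.groups()
        conn = CONN.match(msg)
        if conn:
            peer[pid] = conn.group(1)   # newest entry wins, PIDs get reused
            continue
        fail = FAIL.match(msg)
        if fail:
            # pop: the process is gone after fatal(), so forget its PID
            found.append((pid, fail.group(1), peer.pop(pid, None)))
    return found


def failures_by_client(lines):
    """Count failures per client address ("unknown" when no connection line matched)."""
    return Counter(client or "unknown" for _, _, client in correlate(lines))


if __name__ == "__main__":
    for client, n in failures_by_client(SAMPLE_LOG.splitlines()).most_common():
        print(f"{n:3d}  {client}")
```

A failure reported as "unknown" means the matching connection line was rotated out or VERBOSE logging was not active when that process started.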

From: Mike Tancsa <mike@sentex.net>
To: bug-followup@FreeBSD.org, freebsd@nagilum.org
Cc:  
Subject: Re: bin/171809: sshd EVP_CipherInit: set key failed for aes128-cbc
 [preauth]
Date: Wed, 29 May 2013 09:32:43 -0400

 r251088
 
 seems to fix it up.  The thread in the mailing list has more info.
 
 http://lists.freebsd.org/pipermail/svn-src-head/2013-May/047921.html
 
 	---Mike
 -- 
 -------------------
 Mike Tancsa, tel +1 519 651 3400
 Sentex Communications, mike@sentex.net
 Providing Internet services since 1994 www.sentex.net
 Cambridge, Ontario Canada   http://www.tancsa.com/

From: FreeBSD@nagilum.org
To: bug-followup@freebsd.org
Cc:  
Subject: Re: bin/171809: sshd EVP_CipherInit: set key failed for aes128-cbc
 [preauth]
Date: Mon, 16 Sep 2013 11:52:28 +0200

 Confirmed.
 PR can be closed.
State-Changed-From-To: open->closed 
State-Changed-By: linimon 
State-Changed-When: Tue Sep 17 01:32:29 UTC 2013 
State-Changed-Why:  
Closed at submitter's request. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=171809 
>Unformatted:
