[Soekris] Hi/fn cards and SSH...
Stuart Henderson
stu at spacehopper.org
Fri Mar 16 13:56:21 UTC 2007
On 2007/03/16 09:34, Austin Murphy wrote:
> On 3/15/07, Andy Michaels <lego at therac25.net> wrote:
> > I found a thread from 2004 on the OpenBSD mailing lists about an issue
> > where SSH connections with high volume traffic caused dropped
> > connections on a Soekris 4801. Does anyone know if this issue is
> > resolved? I'm hoping with 3 years in between, the issue has died. I
> > ask because we are about to purchase 2 4801s and 2 1411 mini-PCI cards.
> > If there's an issue with OpenSSH, then this will not suit our needs.
>
> I have 2 net4801's running OpenBSD, 3.9 and 4.0. When I put in the
> vpn1411 card I get problems with OpenSSH. "Corrupted MAC on input" is
> the error. It does not seem to have anything to do with the system
> load. I don't know if it is a hardware or software problem, but maybe
> OpenBSD 4.1 will fix it.
using sysctl 'kern.usercrypto=0' (see /etc/sysctl.conf) will allow
the card to be used for IPsec which doesn't have reported problems,
and disable it for userland which does.
More information about the Soekris-tech
mailing list