Bug 481100

Summary: Enable OpenSSH to use ssl encryption engines by default
Product: [Fedora] Fedora Reporter: Arlinton Bourne <abourne>
Component: opensshAssignee: Tomas Mraz <tmraz>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: rawhideCC: mgrepl, tmraz
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: openssh-5.1p1-6.fc11 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-01-30 10:44:55 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Attachments:
Description Flags
Specfile modifcation to allow SSL Engines with openssh (Doesn't include any changes to the changelog) none

Description Arlinton Bourne 2009-01-22 00:09:53 EST
Created attachment 329692 [details]
Specfile modifcation to allow SSL Engines with openssh (Doesn't include any changes to the changelog)

Description of problem:
Currently our packages of OpenSSH are not compiled with --with-ssl-engine. Users that do have hardware encryption need to recompile OpenSSH with this option to allow OpenSSH to use their hardware encryption engine. This patch to the spec file allows OpenSSH to be built with engine support by default.

It's good to note that this works with our OpenSSL 0.9.8j (available in rawhide). It does not work in Fedora 10 with OpenSSL 0.9.8g. The upstream bug that tracks that is:
http://rt.openssl.org/Ticket/Display.html?id=1668&user=guest&pass=guest

I felt that needs to be mentioned because this patch alone will only work in rawhide and not Fedora 10. If we care about fixing this in Fedora 10 we need to fix OpenSSL 0.9.8g.