I'm getting the following error:
======================================================================
Mar 12 21:56:24 Magma sshd[6245]: [ID 289063 auth.error] libpkcs11: /usr/lib/security/pkcs11_softtoken_extra.so unexpected failure in ELF
signature verification. See cryptoadm(1M). Skipping this plug-in.
======================================================================
This is in a Sun T5220 running Solaris 10. The same Solaris on a T2000, SB-2000, and even some SF-V120 systems has no such problem. The primary differences are:
The T5220:
====================================================================== Magma:csu 15:25:10 # cryptoadm list
User-level providers:
Provider: /usr/lib/security/$ISA/pkcs11_kernel.so
Provider: /usr/lib/security/$ISA/pkcs11_softtoken_extra.so
Kernel software providers:
des
aes256
arcfour2048
blowfish448
sha1
sha2
md5
rsa
swrand
Kernel hardware providers:
ncp/0
n2cp/0
n2rng/0
======================================================================
And the others are the same with the exception of the "Kernel
hardware providers", so I'll trim out the Kernel software providers
part.
T2000:
====================================================================== Pinatubo:csu 14:52:39 # cryptoadm list
User-level providers:
Provider: /usr/lib/security/$ISA/pkcs11_kernel.so
Provider: /usr/lib/security/$ISA/pkcs11_softtoken_extra.so
[ ... ]
Kernel hardware providers:
ncp/0
======================================================================
SB-2000:
====================================================================== Katana:csu DING! # cryptoadm list
User-level providers:
Provider: /usr/lib/security/$ISA/pkcs11_kernel.so
Provider: /usr/lib/security/$ISA/pkcs11_softtoken_extra.so
[ ... ]
Kernel hardware providers:
======================================================================
SF-V120:
====================================================================== Fuego:dnichols 22:03:10 > cryptoadm list
User-level providers:
Provider: /usr/lib/security/$ISA/pkcs11_kernel.so
Provider: /usr/lib/security/$ISA/pkcs11_softtoken_extra.so
[ ... ]
Kernel hardware providers:
======================================================================
Since this seems to be hardware platform specific, I'm posting
here. (Besides, the software newsgroup seems to be very inactive,
compared with this, which is only *somewhat* inactive. :-)
So -- any advice here? I'm reluctant to shut down the "pkcs11_softtoken_extra.so" totally. And I *do* really like the T5220
as a file server.
Thanks,
DoN.
--
Remove oil spill source from e-mail
Email: <
BPdnicholsBP@d-and-d.com> | (KV4PH) Voice (all times): (703) 938-4564
(too) near Washington D.C. |
http://www.d-and-d.com/dnichols/DoN.html
--- Black Holes are where God is dividing by zero ---
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)