1. Forum
  2. Usenet
  3. COMP.SYS.SUN.HARDWARE

  • Crypto problem -- Sol 10 -- T5220

    From DoN. Nichols@21:1/5 to All on Sun Mar 13 03:10:40 2016
    I'm getting the following error:

    ======================================================================
    Mar 12 21:56:24 Magma sshd[6245]: [ID 289063 auth.error] libpkcs11: /usr/lib/security/pkcs11_softtoken_extra.so unexpected failure in ELF
    signature verification. See cryptoadm(1M). Skipping this plug-in.
    ======================================================================

    This is in a Sun T5220 running Solaris 10. The same Solaris on a T2000, SB-2000, and even some SF-V120 systems has no such problem. The primary differences are:

    The T5220:

    ====================================================================== Magma:csu 15:25:10 # cryptoadm list

    User-level providers:
    Provider: /usr/lib/security/$ISA/pkcs11_kernel.so
    Provider: /usr/lib/security/$ISA/pkcs11_softtoken_extra.so

    Kernel software providers:
    des
    aes256
    arcfour2048
    blowfish448
    sha1
    sha2
    md5
    rsa
    swrand

    Kernel hardware providers:
    ncp/0
    n2cp/0
    n2rng/0
    ======================================================================

    And the others are the same with the exception of the "Kernel
    hardware providers", so I'll trim out the Kernel software providers
    part.

    T2000:
    ====================================================================== Pinatubo:csu 14:52:39 # cryptoadm list

    User-level providers:
    Provider: /usr/lib/security/$ISA/pkcs11_kernel.so
    Provider: /usr/lib/security/$ISA/pkcs11_softtoken_extra.so

    [ ... ]

    Kernel hardware providers:
    ncp/0
    ======================================================================

    SB-2000:
    ====================================================================== Katana:csu DING! # cryptoadm list

    User-level providers:
    Provider: /usr/lib/security/$ISA/pkcs11_kernel.so
    Provider: /usr/lib/security/$ISA/pkcs11_softtoken_extra.so

    [ ... ]

    Kernel hardware providers:
    ======================================================================

    SF-V120:

    ====================================================================== Fuego:dnichols 22:03:10 > cryptoadm list

    User-level providers:
    Provider: /usr/lib/security/$ISA/pkcs11_kernel.so
    Provider: /usr/lib/security/$ISA/pkcs11_softtoken_extra.so

    [ ... ]

    Kernel hardware providers:
    ======================================================================

    Since this seems to be hardware platform specific, I'm posting
    here. (Besides, the software newsgroup seems to be very inactive,
    compared with this, which is only *somewhat* inactive. :-)

    So -- any advice here? I'm reluctant to shut down the "pkcs11_softtoken_extra.so" totally. And I *do* really like the T5220
    as a file server.

    Thanks,
    DoN.

    --
    Remove oil spill source from e-mail
    Email: <BPdnicholsBP@d-and-d.com> | (KV4PH) Voice (all times): (703) 938-4564
    (too) near Washington D.C. | http://www.d-and-d.com/dnichols/DoN.html
    --- Black Holes are where God is dividing by zero ---

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)