I was just skimming through this week's list messages, and I'm seeing queries 
regarding things recently broken, and all of them seem to include ssh, ssl, or 
other encryption.


In mid-December, the Debian/Ubuntu distros pushed out a new openssl library 
package that seems to have simply deleted the deprecated sha1 ciphers.  I've 
just discovered that this breaks MySQL master/slave encrypted replication, 
Apache LDAPS authentication to Active Directory, and others.  Most of these 
systems simply failed silently and it wasn't obvious why.


So, the fellow using encrypted tar to back up his FreeNAS might want to 
investigate openssl library versions and the packages that use them; the guy 
having issues with amrestore over ssh may want to look into the ciphers as 
well.


It seems MySQL hard-codes the sha1 cipher by default, but you can override it 
in the my.cnf files.  Our LDAP connection wasn't so flexible, and the CentOS 5 
server, while still officially supported, didn't seem amenable to selecting a 
specific cipher, so I ended up moving LDAP back to clear (ACK PFFT) until I have 
time to replace that server.


I spent two days working on ldap and mysql replication issues discovered just 
this week, and it took a while to figure out the source of the issues here, so 
you might want to investigate the ssl layers in your applications.  I didn't 
dig into the issues deep enough to be able to say exactly what happened, I just 
needed to get my systems fixed!



Joi Owen
System Administrator
Pavlov Media, Inc.
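One concrete thing to check when chasing the kind of breakage described above is whether any certificate in the chain (server cert or an issuing CA, including the Active Directory domain CA behind an LDAPS listener) was signed with SHA-1, which the default security level of newer OpenSSL builds refuses. The script below is an added example, not code from the poster or from any of the projects mentioned; it uses only the Python standard library, parsing just enough DER to read the outer signatureAlgorithm OID of a certificate. The sample "certificates" it ships with are constructed DER skeletons for testing, not real certificates.

```python
"""Flag X.509 certificates whose signature algorithm is built on SHA-1.

Standard-library only: a tiny DER reader pulls the signatureAlgorithm
AlgorithmIdentifier out of the certificate and decodes its OID.
"""
import base64
import re
import sys

# Signature-algorithm OIDs that use SHA-1 (RFC 3279 / RFC 5754).
SHA1_SIGNATURE_OIDS = {
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
    "1.2.840.10040.4.3": "dsaWithSHA1",
    "1.2.840.10045.4.1": "ecdsa-with-SHA1",
}


def _read_tlv(buf, pos):
    """Decode one DER tag-length-value at pos; return (tag, value, next_pos)."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: low bits give byte count
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length


def _decode_oid(value):
    """Turn OID content octets into dotted form, e.g. 1.2.840.113549.1.1.5."""
    arcs = [value[0] // 40, value[0] % 40]
    acc = 0
    for b in value[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:                   # high bit clear ends a base-128 arc
            arcs.append(acc)
            acc = 0
    return ".".join(str(a) for a in arcs)


def pem_to_der(pem):
    """Strip PEM armour and whitespace, return the DER bytes."""
    return base64.b64decode(re.sub(r"-----[A-Z ]+-----|\s", "", pem))


def signature_algorithm_oid(der):
    """Return the OID of the outer signatureAlgorithm of a DER certificate."""
    tag, cert, _ = _read_tlv(der, 0)       # Certificate ::= SEQUENCE { ... }
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    _, _, pos = _read_tlv(cert, 0)         # skip tbsCertificate
    tag, alg_id, _ = _read_tlv(cert, pos)  # AlgorithmIdentifier ::= SEQUENCE
    if tag != 0x30:
        raise ValueError("expected AlgorithmIdentifier SEQUENCE")
    tag, oid, _ = _read_tlv(alg_id, 0)     # first field is the algorithm OID
    if tag != 0x06:
        raise ValueError("expected OBJECT IDENTIFIER")
    return _decode_oid(oid)


def uses_sha1(der):
    """True if the certificate's signature algorithm is SHA-1 based."""
    return signature_algorithm_oid(der) in SHA1_SIGNATURE_OIDS


# Constructed samples: minimal DER skeletons with a stub tbsCertificate and
# a stub signature. They are NOT real certificates, just enough for parsing.
def _sample(alg_oid_hex):
    alg = bytes.fromhex("0609" + alg_oid_hex + "0500")   # OID + NULL params
    alg = bytes([0x30, len(alg)]) + alg                    # AlgorithmIdentifier
    tbs = bytes.fromhex("3003020101")                      # SEQUENCE { INTEGER 1 }
    sig = bytes.fromhex("030200ff")                        # BIT STRING stub
    body = tbs + alg + sig
    return bytes([0x30, len(body)]) + body


SAMPLE_SHA1 = _sample("2a864886f70d010105")      # sha1WithRSAEncryption
SAMPLE_SHA256 = _sample("2a864886f70d01010b")    # sha256WithRSAEncryption
SAMPLE_SHA1_PEM = ("-----BEGIN CERTIFICATE-----\n"
                   + base64.b64encode(SAMPLE_SHA1).decode()
                   + "\n-----END CERTIFICATE-----\n")


if __name__ == "__main__":
    # Usage: python check_sha1_sig.py server.pem ca.pem ...
    for path in sys.argv[1:]:
        with open(path) as f:
            oid = signature_algorithm_oid(pem_to_der(f.read()))
        verdict = "SHA-1 (will be rejected)" if oid in SHA1_SIGNATURE_OIDS else "ok"
        print(f"{path}: {oid} {SHA1_SIGNATURE_OIDS.get(oid, '')} {verdict}")
```

Run it over every PEM in the chain; a SHA-1 signature on any intermediate or root is enough to break the handshake, so checking only the leaf is not sufficient. To grab a live chain for inspection, `openssl s_client -showcerts -connect host:636` prints each certificate in PEM form.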
