[linux] 2.5.x/2.6.x RAID, IPSec

David Talkington dtalk at u.washington.edu
Mon Sep 1 23:53:02 PDT 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

David Talkington said on Mon, 1 Sep 2003:


> > Anyone using one of these development kernels successfully with both md

> > support (for a mirrored boot device) and IPSec? I'm having trouble

> > finding a release that doesn't break one or the other.


Answering my own post for the last time in this thread, promise. :)

To conclude, the sweet spot for me turned out to be 2.5.51. Later
versions break ssh, and I haven't had time to figure out why (it
authenticates, but won't spawn a shell for me).

The ipsec tools needed some rough treatment to get them to build with
these kernels. I had to dive into the source and reconcile several
problems with define'd constants ... from the comments I saw, it looks
like it's not the first time that's happened. It also seemed to have
trouble figuring out what crypto algorithms were supported, so some manual
intervention was needed there too.

Still, despite the need for duct tape and bubble gum, it does work pretty
well, and is easy to configure once it works. The userspace tools are
ports of the same ones used by 'BSD (and Mac OS X), which is nice. I look
forward to a mature 2.6 kernel to play with!

Cheers ... -d

- --
David Talkington
Computing and Communications
University of Washington
Box 354844
206-543-2144

dtalk at u.washington.edu

PGP key: http://staff.washington.edu/dtalk/CDB83FFC.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Made with pgp4pine 1.75-6

iD8DBQE/VD5QCwvUCM24P/wRAuohAKCtyDuThI0pjQdoUks+9q8McMZS3gCgt5L/
i39pR1m/d9IwSz1juQR5oYA=
=Iji6
-----END PGP SIGNATURE-----



More information about the Linux mailing list