Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Hardware crypto display doesn't appear

    Scheduled Pinned Locked Moved General pfSense Questions
    6 Posts 5 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • MikeV7896M Offline
      MikeV7896
      last edited by

      I haven't found a thread for this yet in the couple of forums that I've looked, so figured I'd start it since I have this issue as well…

      @SisterOfMercy:

      @cmb:

      It automatically displays on the dashboard where AES-NI is enabled under System>Advanced, Misc, and exists on the system.

      This should be in the 'system information' widget, right? I have an A1SRi-2558F, AES-NI is enabled under the misc settings. It doesn't show for me. I tried to disable AES-NI and then enable it again, but that also did not work.

      Status -> System logs does show "kernel: aesni0: <aes-cbc,aes-xts,aes-gcm>on motherboard"</aes-cbc,aes-xts,aes-gcm>

      This may or may not be related to bug 4809.

      Anyway, as later requested in the upgrade topic…

      @cmb:

      Start a new thread on that, including the output of:

      grep -i aesni /var/log/dmesg.boot
      
      Features2=0x43d8e3bf<sse3,pclmulqdq,dtes64,mon,ds_cpl,vmx,est,tm2,ssse3,cx16,xtpr,pdcm,sse4.1,sse4.2,movbe,popcnt,tscdlt,aesni,rdrand></sse3,pclmulqdq,dtes64,mon,ds_cpl,vmx,est,tm2,ssse3,cx16,xtpr,pdcm,sse4.1,sse4.2,movbe,popcnt,tscdlt,aesni,rdrand>
      

      And as with SisterOfMercy, this shows in the Status > System Logs:

      kernel: aesni0: <aes-cbc,aes-xts,aes-gcm> on motherboard</aes-cbc,aes-xts,aes-gcm>
      

      But even with all that, I see no Hardware Crypto display on the dashboard.

      AES-NI was enabled on my system a while ago, and I've done a few updates and reboots since. I didn't realize there was something that should be showing until this topic came up.

      The S in IOT stands for Security

      1 Reply Last reply Reply Quote 0
      • P Offline
        pppfsense
        last edited by

        I also do have aesni in my cpu (Intel Xeon E3-1225) and I am not seeing "Crypto" in the Dashboard.

        pfSense is running under ESXi, but that should not matter as pfsense does report the cpu supports aesni.

        Thanks.
        J.

        1 Reply Last reply Reply Quote 0
        • dotdashD Offline
          dotdash
          last edited by

          Just updated a box from 2.2.2 to 2.2.4 (Full, amd64) Not seeing any hardware crypto in the System Information wigit on the dashboard.
          Box has two X5650's in it:

           Features2=0x29ee3ff<sse3,pclmulqdq,dtes64,mon,ds_cpl,vmx,smx,est,tm2,ssse3,cx16,xtpr,pdcm,pcid,dca,sse4.1,sse4.2,popcnt,aesni></sse3,pclmulqdq,dtes64,mon,ds_cpl,vmx,smx,est,tm2,ssse3,cx16,xtpr,pdcm,pcid,dca,sse4.1,sse4.2,popcnt,aesni>
          

          2.2.4 (nano i386) on an Alix doesn't show glxsb (don't think it ever did), but will show Hardware crypto if I put a Hifn card in.

          1 Reply Last reply Reply Quote 0
          • dennypageD Offline
            dennypage
            last edited by

            I am not seeing "Hardware crypto" in the information widget on my SG-4860 either.

            In my case, it's appears to be the result of the /var/log/dmesg.boot snapshot being created too early in the boot process.

            If I freshen the snapshot

            
            dmesg > /var/log/dmesg.boot
            
            

            The widget then displays the information correctly.

            1 Reply Last reply Reply Quote 0
            • dennypageD Offline
              dennypage
              last edited by

              A bug report has been filed.

              1 Reply Last reply Reply Quote 0
              • S Offline
                SisterOfMercy
                last edited by

                @dennypage:

                In my case, it's appears to be the result of the /var/log/dmesg.boot snapshot being created too early in the boot process.

                Ah, thanks! At least I can work around it with the shellcmd package. Or of course a shell script, but I'm a lazy sod.

                Hi, I'm Lance Boyle, and people often wonder if I'm real.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.