http://bugzilla.mindrot.org/show_bug.cgi?id=435 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|internal entropy gatherer |internal entropy gatherer ------- Additional Comments From dtucker at zip.com.au 2002-11-15 00:21 ------- Which platform did you observe this on? Assuming it's AIX, it works ok for me on 4.3.3. What's in ssh_prng_cmds? Non-existant commands will produces zero entropy. $ /usr/local/libexec/ssh-rand-helper -vvv debug1: loading PRNG seed from file /home/dtucker/.ssh/prng_seed debug1: Seeded RNG with 3 bytes from system calls debug1: Loaded 25 entropy commands from /usr/local/etc/ssh_prng_cmds debug3: Reading output from 'ls -alni /var/log' debug3: Time elapsed: 38 msec debug3: Got 4.12 bytes of entropy from 'ls -alni /var/log' [snip] ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
http://bugzilla.mindrot.org/show_bug.cgi?id=435 ------- Additional Comments From udo_guenthner at de.ibm.com 2002-11-15 02:49 ------- I experienced it under IBM z/OS 1.3 Unix System Services (ufff :-( ) but looking at the source code I wonder how it ever works on any platform ... debug output: debug3: Reading output from 'ls -alni /tmp' debug3: Time elapsed: 40 msec debug2: Command 'ls -alni /tmp' timed out debug3: Got 0.00 bytes of entropy from 'ls -alni /tmp' debug3: Reading output from 'ls -alni /usr/lpp' debug3: Time elapsed: 33 msec debug2: Command 'ls -alni /usr/lpp' timed out debug3: Got 0.00 bytes of entropy from 'ls -alni /usr/lpp' debug3: Reading output from 'ls -alni /etc' debug3: Time elapsed: 35 msec debug2: Command 'ls -alni /etc' timed out debug3: Got 0.00 bytes of entropy from 'ls -alni /etc' debug3: Reading output from 'ls -alni /bin' debug3: Time elapsed: 39 msec debug2: Command 'ls -alni /bin' timed out debug3: Got 0.00 bytes of entropy from 'ls -alni /bin' ..... ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
http://bugzilla.mindrot.org/show_bug.cgi?id=435 ------- Additional Comments From mouring at eviladmin.org 2002-11-15 04:58 ------- does this change actually fix it? the code pretty much clsoes all STDIN/STDOUT/STDERR of the parent so that the child can overwrite it. Some platforms may handle it without the close(p[..]) part correctly. If it does solve it and does not cause problems then I have no problems submitting such a patch. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
http://bugzilla.mindrot.org/show_bug.cgi?id=435 udo_guenthner at de.ibm.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From udo_guenthner at de.ibm.com 2002-11-16 03:21 ------- seems that the select() does not work properly on my system. Sometimes it times out even when the elapsed time of the command is less than the specified timeout. maybe a timer resolution issue on my platform .... when I specify for instance a timeout of 300 ms, somm commands that used 250 ms are ok, but others with 30 ms are not ... When I set the timeout to 500 ms or more, I have a good chance to get entropy (although I cannot be sure :-( ). Guess I have to find a fix for the select() problem. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.