mouring at etoh.eviladmin.org
2001-Feb-06 19:19 UTC
RNG not initialised for sftp only under Solaris.
Out of the box on Solaris 2.7 using the internal entropy system. I am able to login but as soon as I get past the password prompt it dies because it claims the RNG is not initialised.

Transcript:
[..]
debug: got SSH2_MSG_SERVICE_ACCEPT
You have entered the land of dragons and mystical creatures. This server
does not exist.
debug: authentications that can continue: publickey,keyboard-interactive,password
debug: next auth method to try is publickey
debug: key does not exist: /home/lindstro/.ssh/id_dsa
debug: next auth method to try is keyboard-interactive
Password:
debug: ssh-userauth2 successful: method keyboard-interactive
debug: fd 6 setting O_NONBLOCK
debug: fd 7 IS O_NONBLOCK
debug: channel 0: new [client-session]
debug: send channel open 0
debug: Entering interactive session.
debug: client_init id 0 arg 0
debug: Sending subsystem: sftp
debug: channel 0: open confirm rwindow 0 rmax 16384
RNG not initialised
[..]

The solution is to add 'init_prng();' to the main() of sftp.c.

Why sftp is caring about such things boggles my mind. =) Scp sure does not, nor does sftp-server, and it was my impression (by glancing at the code) that sftp.c is pretty much piggybacking on top of ssh like scp.

Looks to be somewhere in the interactive_loop() code.

- Ben
mouring at etoh.eviladmin.org
2001-Feb-06 19:23 UTC
RNG not initialised for sftp only under Solaris.
Ahh.. a moment of truth. The init_rng(); does belong in sftp.c due to:

sftp-client.c: id = arc4random();
sftp-client.c: id = arc4random();
sftp-client.c: id = arc4random();
sftp-client.c: id = arc4random();
sftp-client.c: id = arc4random();
sftp-client.c: id = arc4random();
sftp-client.c: id = arc4random();
sftp-client.c: id = arc4random();
sftp-client.c: id = arc4random();
sftp-client.c: id = arc4random();
sftp-client.c: expected_id = id = arc4random();
sftp-client.c: id = arc4random();
sftp-client.c: id = arc4random();
sftp-client.c: id = arc4random();

Ok.. This makes much more sense. =)

- Ben

On Tue, 6 Feb 2001 mouring at etoh.eviladmin.org wrote:
>
> Out of the box on Solaris 2.7 using the internal entropy system. I am
> able to login but as soon as I get past the password prompt it dies
> because it claims the RNG is not initialised.
>
> Transcript:
> [..]
> debug: got SSH2_MSG_SERVICE_ACCEPT
> You have entered the land of dragons and mystical creatures. This server
> does not exist.
> debug: authentications that can continue: publickey,keyboard-interactive,password
> debug: next auth method to try is publickey
> debug: key does not exist: /home/lindstro/.ssh/id_dsa
> debug: next auth method to try is keyboard-interactive
> Password:
> debug: ssh-userauth2 successful: method keyboard-interactive
> debug: fd 6 setting O_NONBLOCK
> debug: fd 7 IS O_NONBLOCK
> debug: channel 0: new [client-session]
> debug: send channel open 0
> debug: Entering interactive session.
> debug: client_init id 0 arg 0
> debug: Sending subsystem: sftp
> debug: channel 0: open confirm rwindow 0 rmax 16384
> RNG not initialised
> [..]
>
> The solution is to add 'init_prng();' to the main() of sftp.c.
>
> Why sftp is caring about such things boggles my mind. =) Scp sure does
> not, nor does sftp-server, and it was my impression (by glancing at the
> code) that sftp.c is pretty much piggybacking on top of ssh like scp.
>
>
> Looks to be somewhere in the interactive_loop() code.
>
> - Ben
>
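
Added example, not part of the original posts and not OpenSSH code: a small C model of the failure discussed in this thread, where a client helper that draws a random request id fails closed until main() has initialised the RNG. All function names are hypothetical, and /dev/urandom is assumed as the entropy source.

```c
#include <stdint.h>
#include <stdio.h>

/* Model only: hypothetical names, not OpenSSH's entropy code. */
static FILE *rng_src = NULL;   /* entropy source, opened once per process */
static int rng_ready = 0;      /* set only after a successful init */

/* Stands in for the init call the thread adds to main(). */
int model_init_rng(void)
{
    unsigned char probe[16];

    rng_src = fopen("/dev/urandom", "rb");   /* assumption: the OS provides it */
    if (rng_src == NULL)
        return -1;
    setvbuf(rng_src, NULL, _IONBF, 0);       /* do not buffer entropy in stdio */
    if (fread(probe, 1, sizeof probe, rng_src) != sizeof probe)
        return -1;                           /* source unusable: stay not ready */
    rng_ready = 1;
    return 0;
}

/* Fail closed: refuse to return a value rather than hand out predictable
 * output. The real client exits here; the model returns -1 instead. */
int model_random32(uint32_t *out)
{
    if (!rng_ready) {
        fprintf(stderr, "RNG not initialised\n");
        return -1;
    }
    return fread(out, sizeof *out, 1, rng_src) == 1 ? 0 : -1;
}

/* Library-level helper, like the request-id draws grepped above: it depends
 * on process-level initialisation that only main() can perform. */
int next_request_id(uint32_t *id)
{
    return model_random32(id);
}

int main(void)
{
    uint32_t id = 0;

    if (next_request_id(&id) != 0)           /* nothing initialised yet */
        puts("request id refused before init");
    if (model_init_rng() == 0 && next_request_id(&id) == 0)
        printf("request id after init: %u\n", (unsigned)id);
    return 0;
}
```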