bugzilla-daemon at mindrot.org
2002-Nov-30 17:35 UTC
[Bug 449] New: ssh_prng_cmds has malformed arp command
http://bugzilla.mindrot.org/show_bug.cgi?id=449 Summary: ssh_prng_cmds has malformed arp command Product: Portable OpenSSH Version: 3.4p1 Platform: Sparc OS/Version: Solaris Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: keith at ajmani.org The file "ssh_prng_cmds", used for entropy generation on systems like solaris that lack a decent /dev/random, contains an incorrect "arp" entry. In particular, the command run is: "arp -a -n" /usr/sbin/arp 0.02 Unfortunately, in Solaris8, the "-n" command (no host lookups) is not supported. As a result, when this command is run on a solaris box that has arp entries in its cache that it cannot resolve -- either via a local nameserver or a remote one -- then this command hangs, for a very, very long time. Some results of this hang are: - sshd will take 10+ minutes to start on boot - sshkeygen commands progres very, very slowly This situation arose when I had a Solaris box installed in a private 10.x network, running named locally with itself as the only DNS server in /etc/resolv.conf. However, the box was sitting on a LAN with other boxes in a subnet outside of the range that the Solaris box was authoratative for, and so its arp cache had entries that it could not resolve locally. My suggested fix to this bug is to remove the "arp" command from ssh_prng_cmds on Solaris. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
Possibly Parallel Threads
- [Bug 449] ssh_prng_cmds has malformed arp command
- [Bug 323] arp -n flag doesn't exist under Solaris, ssh_prng_cmds still uses it
- [Bug 323] New: arp -n flag doesn't exist under Solaris, ssh_prng_cmds still uses it
- ssh_prng_cmds on Solaris
- Installation globbers ssh_prng_cmds