search for: arc4random_stir

...0x00003574 in main (ac=4, av=0xbffffb44) at ssh.c:698 #3 0x00002060 in _start () #4 0x00001ea0 in start () #5 0x00000000 in ?? () It seems that options has total garbage in it; in particular the num_identity_files is > 1 when I have only one identity file. options is getting corrupted in arc4random_stir () at bsd-arc4random.c:73 It's actually corrupted in RC4_set_key(). I can't see anything obvious wrong here. Before this function is called, everything seems fine, after, the stack is corrupted. I can't get apple's hacked up gdb to stop inside this function with debugging in...

I'm trying to understand the rational behind the arc4random() and arc4random_stir() functions in the OpenSSH source tree. On a system that has a good random number generator, say an in kernel /dev/random what extra functionality is this stuff providing ? Would it be acceptable to replace the calls to arc4random() with reading from /dev/random and drop the arc4random_stir() all...

...gt;j + r->s[r->i]) % 256; - t = r->s[r->i]; - r->s[r->i] = r->s[r->j]; - r->s[r->j] = t; - - t = (r->s[r->i] + r->s[r->j]) % 256; - - buffer[c] = r->s[t]; - c++; - } -} - -unsigned int arc4random(void) -{ - unsigned int r; - - if (rc4 == NULL) - arc4random_stir(); - - rc4_getbytes(rc4, (unsigned char *)&r, sizeof(r)); - - return(r); -} - -void arc4random_stir(void) -{ - unsigned char rand_buf[32]; - - if (rc4 == NULL) - rc4 = xmalloc(sizeof(*rc4)); - - seed_rng(); - RAND_bytes(rand_buf, sizeof(rand_buf)); - - rc4_key(rc4, rand_buf, sizeof(rand_bu...

...dom wants to use RAND_bytes and RAND_bytes wants to use arc4random. The result is a segfault. OpenSSH is the latest 6.6.1. A quick and working solution was to replace the openssh-arc4random with the one shipped by libressl. One small change is needed: the libressl-arc4random.c doesn't have the arc4random_stir()-function, I copied that back from the openssh-arc4random.c. Works so far, see attached patch. An alternative would be to check for the availability of arc4random in libcrypto and use that if available. cu, -- Hanno B?ck http://hboeck.de/ mail/jabber: hanno at hboeck.de GPG: BBB51E42 --------...

...m.c.old Sun Mar 18 19:00:53 2001 --- bsd-arc4random.c Wed May 8 16:44:22 2002 *************** *** 48,54 **** static int first_time = 1; if (rc4_ready <= 0) { ! if (!first_time) seed_rng(); first_time = 0; arc4random_stir(); --- 48,54 ---- static int first_time = 1; if (rc4_ready <= 0) { ! if (first_time) seed_rng(); first_time = 0; arc4random_stir();

...Status: NEW Severity: minor Priority: P5 Component: Build system Assignee: unassigned-bugs at mindrot.org Reporter: jca at wxcvbn.org Created attachment 2372 --> https://bugzilla.mindrot.org/attachment.cgi?id=2372&action=edit Detect arc4random_stir() availability Since http://marc.info/?l=openbsd-cvs&m=138238762705209&w=2 OpenSSH-portable fails to build on OpenBSD-current (post 5.4). This is a problem for the OpenBSD ports tree which includes copies of the openssh-portable source code. Since other OSes have not implemented yet the i...

...ion it's me, but here's the story and maybe someone can suggest an avenue of investigation. This seems to be happening with any release of openssh since at least 2.5.2p1. 1) Problem #1: If SSH protocol 1 is enabled then sshd segfaults right off. This turns out to be because the call to arc4random_stir is corrupting memory and making sensitive_data.server_key non NULL. When key_free is then called on it's UNALLOCATED storage, you get a pretty seg fault. 2) Problem #3: snprintf doesn't like the %.100s specifier. For some reason 00s gets printed, and all the arguments get shifted. Thi...

...his message. Here is the error: gcc -o sftp sftp.o sftp-client.o sftp-common.o sftp-int.o log-client.o -L. -Lopenbsd-compat/ -L/usr/local/ssl/lib -L/usr/local/ssl -lssh -lopenbsd-compat -lcrypt -lz -lnsl -lutil -lcrypto -lwrap openbsd-compat//libopenbsd-compat.a(bsd-arc4random.o): In function `arc4random_stir': /usr/local/src/openssh-SNAP-02082001/openbsd-compat/bsd-arc4random.c:61: undefined reference to `seed_rng' collect2: ld returned 1 exit status make: *** [sftp] Error 1 Here is my configure: ./configure --with-tcp-wrappers --with-md5-passwords --with-default-path=$PATH OpenSSH configure...

...; ++#include <bitsize/stdint.h> + + #include <malloc.h> + +@@ -61,6 +62,11 @@ + __extern unsigned short *seed48(const unsigned short *); + __extern void srand48(long); + ++/* arc4random API emulation on top of jrand48 algorithm */ ++__extern uint32_t arc4random(void); ++__extern void arc4random_stir(void); ++__extern void arc4random_addrandom(unsigned char *, int); ++ + #define RAND_MAX 0x7fffffff + static __inline__ int rand(void) + { +Index: klibc-1.5.21/usr/klibc/Kbuild +=================================================================== +--- klibc-1.5.21.orig/usr/klibc/Kbuild 2011-01-28 12...

...ITY_USER, 1, NULL); maxfd = fdlim_get(1); if (maxfd < 0) diff -urN openssh-3.5p1-orig/ssh-keysign.c openssh-3.5p1/ssh-keysign.c --- openssh-3.5p1-orig/ssh-keysign.c 2002-12-18 10:10:13.000000000 -0500 +++ openssh-3.5p1/ssh-keysign.c 2002-12-18 10:43:40.000000000 -0500 @@ -160,7 +160,7 @@ arc4random_stir(); #ifdef DEBUG_SSH_KEYSIGN - log_init("ssh-keysign", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 0); + log_init("ssh-keysign", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 0, NULL); #endif /* verify that ssh-keysign is enabled by the admin */ diff -urN openssh-3.5p1-orig/s...

Correct me if I'm wrong, but init_rng() in entropy.c doesn't call seed_rng(), and in fact seed_rng() isn't called from _anywhere_ (in openssh-2.5.1p2). So calls to BN_rand() only pick up the tiny/non-existent amount of entropy added by BN_rand() itself from the system clock (time in seconds). Shouldn't seed_rng() be called from init_rng()? It should be called from _somewhere_,

...to seed the r.n.g. only on the first time? If the latter, we need this patch: Index: openbsd-compat/bsd-arc4random.c @@ -48,9 +48,10 @@ static int first_time = 1; if (rc4_ready <= 0) { - if (!first_time) + if (first_time) { seed_rng(); - first_time = 0; + first_time = 0; + } arc4random_stir(); } If the code was really correct, I suggest rewriting it to be a little more explicit. Like this: if (first_time) first_time = 0; else seed_rng(); ..wayne..

Hi, A question regarding chroot, internal-sftp, and time zones: Is it possible to get the time stamps presented by the chrooted internal-sftp to always be aligned with the system global time zone setting? What is the reason this not done by default, that is couldn't the chrooted internal-sftp inherit the time zone information from the SSH daemon? /John -- John Olsson Ericsson AB

Hi, I have been working on a portable LibreSSL build tree for a little while to test the waters: http://github.com/busterb/libressl Someone noticed an issue with the arc4random implementation that I originally grabbed from libbsd https://github.com/busterb/libressl/issues/1 So, I looked at how OpenSSH handles it, and noticed that it uses the random functions from OpenSSL unconditionally to seed

...ng linked statically (from a .a file). No difference if openssl is compiled with -O, instead of -O3 -fomit-frame-pointer. openssh is being compiled with -O2 -fstrict-aliasing. In the case I've investigated with gdb, ssh-keygen dies the first time it gets to RC4_set_key (openssl), called from arc4random_stir. It dies trying to write into the memory of "static RC4_KEY rc4;" (openbsd-compat/bsd-arc4random.c). If, just for sport, I *initialize* rc4 [with zeros] (i.e. it ends up in the data section, not bss), then we sail past this problem [but it dies a bit later in some rsa code]. Do these fu...

..._private ?after key_load_private private host key: #1 type 2 DSA ?before setting protcol version options.protocol=4 ...sensitive_data.have_ssh1_key=0? sensitive_data.have_ssh2_key=1 use_privsep=1 ?before get pwnam ?after get pwnam ?before set groups ?before daemon starts ?after daemon starts before arc4random_stir before chdir ?before signal ?after signal ?in else condition AF_INET=2, AF_INET6=10 listen_sock=0ai->ai_family=2,ai->ai_socktype=2,ai->ai_protocol=6 listen_sock=5 Bind to port ssh on 0.0..0.0. ?strport=ssh Server listening on 0.0.0.0 port ssh. AF_INET=2, AF_INET6=10 listen_sock=5ai->ai_...

Hi, I'm having a problem with ssh-keygen on Solaris 8; upon running, it produces a bus error due to a function call in OpenSSL (RC4_set_key): [...] (gdb) where #0 0x3440c in RC4_set_key () #1 0x2b890 in arc4random_stir () at /merc/tools/src/openssh-2.3.0p1/bsd-arc4random.c:65 #2 0x23ca8 in main (ac=1, av=0xffbefb94) at /merc/tools/src/openssh-2.3.0p1/ssh-keygen.c:720 I get identical results with any combination of: - gcc 2.95.2/binutils 2.10.1, or just gcc with Sun's as/ld (I do not have a WorkSh...

..._private after key_load_private private host key: #1 type 2 DSA before setting protcol version options.protocol=4 ...sensitive_data.have_ssh1_key=0 sensitive_data.have_ssh2_key=1 use_privsep=1 before get pwnam after get pwnam before set groups before daemon starts after daemon starts before arc4random_stir before chdir before signal after signal in else condition AF_INET=2, AF_INET6=10 listen_sock=0ai->ai_family=2,ai->ai_socktype=2,ai->ai_protocol=6 listen_sock=5 Bind to port ssh on 0.0.0.0. strport=ssh Server listening on 0.0.0.0 port ssh. AF_INET=2, AF_INET6=10 listen_sock=5ai->ai_f...

The patch (against 4.7p1) modifies gnome-ssh-askpass to optionally generate a one-time password and transmits it to the user via an out-of-band communication channel. If you can read the password and enter it back into the gnome-ssh-askpass dialog, ssh-agent is allowed to continue with the authentication process. There are two ways to use the modified gnome-ssh-askpass. The first

Hi, I am happy to (re)send a set of patches for compiling OpenSSH 4.7p1 with FIPS 140-2 OpenSSL. These are based on previously reported patches by Steve Marquess <marquess at ieee.org> and Ben Laurie <ben at algroup.co.uk>, for ver. OpenSSH 3.8. Note that these patches are NOT OFFICIAL, and MAY be used freely by anyone. Issues [partially] handled: SSL FIPS Self test. RC4,