similar to: [Bug 721] --with-prngd-socket=/path/to/file seems broken

http://bugzilla.mindrot.org/show_bug.cgi?id=721 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |WORKSFORME ------- Additional Comments From dtucker at zip.com.au 2004-03-30

Hi. I recently snookered myself: I build OpenSSH on an old box that didn't have /dev/random, but happened to be running prngd at the time for other reasons. Because I wanted to use commands, I configured --with-rand-helper, however configure found the prngd socket and built ssh-rand-helper to use it exclusively. Next reboot: no prngd, no random seed, no sshd. Do not log in, do not

I am running openssh 3.4p1 and had everything working fine, but then we had to upgrde the openssl. So did the same steps now openssh is not seeing prngd. We configure openssh with : --with-prngd-socket=/var/spool/prngd/pool this is what we saw with openssl-0.9.6g when I configured it: OpenSSH has been configured with the following options: User binaries: /usr/local/bin

http://bugzilla.mindrot.org/show_bug.cgi?id=953 ------- Additional Comments From stanislaw.walczak at sympatico.ca 2004-12-17 09:16 ------- I run it only for 10 minutes "openssl rand -base64 20480" - did not hang or abort. Security group said no for prngd 0.9.25 upgrade. Could you please tell me more about prngd bug ? what the symptoms are ? ------- You are receiving this mail

http://bugzilla.mindrot.org/show_bug.cgi?id=953 Summary: openssh session hanging - prngd[671]: write() in socket_write() failed: Broken pipe Product: Portable OpenSSH Version: 3.7.1p2 Platform: Sparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: ssh

On Sun, 19 Mar 2023 at 12:25, Nathan Wagner <nw at hydaspes.if.org> wrote: > I'm trying to compile openssh with openssl 3.1 on a linux machine with > kernel 4.15.10. I seem to get stuck at: > > configure: error: OpenSSH has no source of random numbers. Please > configure OpenSSL with an entropy source or re-run configure using one > of the --with-prngd-port or

OpenSSH Security Advisory: portable-keysign-rand-helper.adv This document may be found at: http://www.openssh.com/txt/portable-keysign-rand-helper.adv 1. Vulnerability Portable OpenSSH's ssh-keysign utility may allow unauthorised local access to host keys on platforms if ssh-rand-helper is used. 2. Affected configurations Portable OpenSSH prior to version

http://bugzilla.mindrot.org/show_bug.cgi?id=361 ------- Additional Comments From Lutz.Jaenicke at aet.TU-Cottbus.DE 2002-07-19 17:37 ------- OpenSSH's "configure" command will only pick up a new installation of PRNGD, when it is running during the call to configure. Thus make sure to * install prngd first and check its proper operation. * then run OpenSSH's configure

https://bugzilla.mindrot.org/show_bug.cgi?id=1781 Summary: Document how to use Solaris 10 /dev/random Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Documentation AssignedTo: unassigned-bugs at mindrot.org

http://bugzilla.mindrot.org/show_bug.cgi?id=361 Summary: PRNGD not yet seeded & SSH banner stills show previous banner Product: Portable OpenSSH Version: -current Platform: Sparc OS/Version: Solaris Status: NEW Severity: normal Priority: P3 Component: ssh AssignedTo:

OpenSSH Security Advisory: portable-keysign-rand-helper.adv This document may be found at: http://www.openssh.com/txt/portable-keysign-rand-helper.adv 1. Vulnerability Portable OpenSSH's ssh-keysign utility may allow unauthorised local access to host keys on platforms if ssh-rand-helper is used. 2. Affected configurations Portable OpenSSH prior to version

Over the holidays, I intend to finally rid portable OpenSSH of the builtin entropy collection code. Here's what I intend to do: When init_rng is called, we'll check OpenSSL's RAND_status(). If this indicates that their PRNG is already seeded, we'll do nothing. This effectively detects platforms which have /dev/urandom (or similar) configured into OpenSSL. If OpenSSL isn't

Hi, I'm like to try a get the new release to work with Sun's new device, that can be installed with patch 112438-01. I compiled SSL attempting to point it at the random device: cd openssl-0.9.6d ./Configure solaris-sparcv7-gcc make DEVRANDOM="/kernel/drv/random" And then ran the SSH configure: ./configure --prefix=/opt/OBSDssh --with-pam --without-rsh \ --sysconfdir=/etc/ssh

Hi all. For those that didn't know it, the OpenSSH portable team has been collecting survey data about the platforms that it runs and the options that it is built with. Partitipation is entirely voluntary and is as simple as running "make send-survey" after building (see the INSTALL file for details and caveats). I've used the data to answer a couple of questions on this list

Now that ssh-rand-helper has been segregated into a separate program, I'd like to revisit an old question about its entropy gathering. - would it be desirable to make it possible for ssh-rand-helper to fall back to external commands if PRNGD cannot be reached, instead of choosing one or the other at compile time? - When using PRNGD, the program gets 48 bytes of entropy from PRNGD,

http://bugzilla.mindrot.org/show_bug.cgi?id=953 ------- Additional Comments From dtucker at zip.com.au 2005-01-27 17:16 ------- I've tried to reproduce this with OpenSSH 3.7.1p2 on Solaris 2.5.1 (the only system I have available that doesn't have /dev/random). It ran a variant of your script on my system for over an hour without a single hang. Some more questions: - can you

Hello all, I was finally able to create the OpenSSH package for Solaris 8 10/01. The problem I have now is that I will still need to have entropy ready prior to openssh-3.1p1 package installation. Otherwise there is no entropy pool available (with the new servers) and key generation fails. With the previous versions of openssh, I used SUN's "makeOpenSSHPackage.ksh" script and was

Bugzilla is reporting an internal server error right now so I thought I'd post this here. The current portable OpenSSH developer CVS has some non-standard shell syntax in the --with-prngd-socket case, and the grep "-q" option is not supported in at least Solaris 2.5.1. Here's a patch. Alternatively, the first test could use case "$withval" in /*) ;; *)

On Sun, Mar 19, 2023 at 12:57:23PM +1100, Darren Tucker wrote: > On Sun, 19 Mar 2023 at 12:25, Nathan Wagner <nw at hydaspes.if.org> wrote: > Does the OpenSSL self-test ("make tests") pass? Does its basic RNG > function work (eg "openssl rand -base64 9")? And if "openssl rand" > doesn't work, if you strace it what is it trying to do? make

This applies to all platforms, I think: $ make install [snip] if [ ! -z "yes" ]; then \ ./install-sh -c -m 644 ssh-rand-helper.8.out /home/dtucker/openssh/openssh-cvs-test/contrib/aix/package/usr/local/man/man8/ssh-rand-helper.8 /bin/sh: 0403-057 Syntax error at line 1 : `then' is not matched. make: *** [install-files] Error 2 Looks like missing line continuation in