similar to: [Bug 968] OpenSSH 3.8p1 PRNG seed extraction failed error

http://bugzilla.mindrot.org/show_bug.cgi?id=968 Summary: OpenSSH 3.8p1 PRNG seed extraction failed error Product: Portable OpenSSH Version: 3.8p1 Platform: UltraSparc OS/Version: SunOS Status: NEW Severity: major Priority: P2 Component: scp AssignedTo: openssh-bugs at mindrot.org

OpenSSL 1.1.0 has deprecated this function. --- configure.ac | 1 + openbsd-compat/openssl-compat.c | 2 ++ openbsd-compat/openssl-compat.h | 4 ++++ 3 files changed, 7 insertions(+) diff --git a/configure.ac b/configure.ac index 3f7fe2cd..db2aade8 100644 --- a/configure.ac +++ b/configure.ac @@ -2710,6 +2710,7 @@ if test "x$openssl" = "xyes" ; then ])

http://bugzilla.mindrot.org/show_bug.cgi?id=968 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED ------- Comment #21 from dtucker at zip.com.au 2006-10-07 11:38 ------- Change all RESOLVED bug to CLOSED with the exception

I upgraded from OpenSSH_3.0.2p1 to OpenSSH 3.4p1. Starting SSHD or ssh-keygen I'm getting the "PRNG is not seeded". I have verified that prngd is running and "egc.pl /var/spool/prngd/pool get" runs just fine reporting 32800 bits of entropy. My platform is Solaris 8 (sparc) and I downloaded binaries from www.sunfreeware.com. My guess is the build of OpenSSH 3.4.p1 is

Hi, I am happy to (re)send a set of patches for compiling OpenSSH 4.7p1 with FIPS 140-2 OpenSSL. These are based on previously reported patches by Steve Marquess <marquess at ieee.org> and Ben Laurie <ben at algroup.co.uk>, for ver. OpenSSH 3.8. Note that these patches are NOT OFFICIAL, and MAY be used freely by anyone. Issues [partially] handled: SSL FIPS Self test. RC4,

Yo All! openssh-SNAP-20010209.tar.gz fails to compile on Slackware. Patch at the end of this message. Here is the error: gcc -o sftp sftp.o sftp-client.o sftp-common.o sftp-int.o log-client.o -L. -Lopenbsd-compat/ -L/usr/local/ssl/lib -L/usr/local/ssl -lssh -lopenbsd-compat -lcrypt -lz -lnsl -lutil -lcrypto -lwrap openbsd-compat//libopenbsd-compat.a(bsd-arc4random.o): In function

I believe there is a problem with the openbsd-compat/bsd-arc4random.c file. If arc4random () is called without seed_rng having previously been called (eg if you run ssh-keygen -p ) then it does not in fact invoke seed_rng () if it is the first time. Instead it will invoke seed_rng every time BUT the first time. At least that is the way I read the code, and changing it as below allowed me to

Correct me if I'm wrong, but init_rng() in entropy.c doesn't call seed_rng(), and in fact seed_rng() isn't called from _anywhere_ (in openssh-2.5.1p2). So calls to BN_rand() only pick up the tiny/non-existent amount of entropy added by BN_rand() itself from the system clock (time in seconds). Shouldn't seed_rng() be called from init_rng()? It should be called from _somewhere_,

Failure on Solaris 9 sparc: Undefined first referenced symbol in file seed_rng openbsd-compat//libopenbsd-compat.a(bsd-arc4random.o) ld: fatal: Symbol referencing errors. No output written to ssh-pkcs11-helper collect2: ld returned 1 exit status gmake: *** [ssh-pkcs11-helper] Error 1

We've run into an interesting dilemma regarding last log information and ssh 4.2p1. In 3.8, we didn't see this problem, but now has cropped up in 4.2. When a user logs in, sshd seems to call 'last' to get the last log information. 'last' then opens the /var/log/wtmp file and processes the information. On some systems, this file can be quite large, and we're seeing

Before I actually implement the small changes needed to allow the location of ssh-rand-helper to be specified in the config file, I'd like to check that in doing so I won't be opening up a huge security hole. My brief reading of the code suggests that in entropy.c:seed_rng() the ssh-rand-helper is run as the original uid (for binaries which were setuid in the first place of course), so I

Hello All, This is regarding a sshd problem. In our system we use ocrandom (a random number generator) to fill in the device /dev/urandom from which sshd reads the randomness for seeding. In a situation we stop the ocrandom and sshd. Now as usual we start the ocrandom first and then sshd. We get an error "PRNG is not seeded" while starting sshd. When we start the sshd for the second

Hi! I have just played around a little bit with the actual CVS on HP-UX 10.20. - In openbsd-compat/Makefile.in the .c.o default rule is missing: .c.o: $(CC) $(CFLAGS) $(CPPFLAGS) -c $< - Linking sftp fails, because seed_rng() cannot be resolved. Actually it is in entropy.c (libssh) and needed by arc4random.c. A similar problem has been discussed several days ago and the problem should

I have a need to have the same OpenSSH binaries run on multiple machines which are administered by different people. That means on Solaris, for example, there will be some with /dev/random, some on which I can run prngd because they'll be installing my binaries as root, and some which will have neither because they will be only installed as non-root. Below is a patch to enable choosing all 3

Hi all, attached is a patch that enables using hardware crypto accelerators available through OpenSSL library for SSH operations. Especially in ssh/sshd it can bring a significant speed improvement. OTOH if no crypto engine is available, nothing bad happens and default software crypto routines are used. This patch is used in SUSE Linux OpenSSH package and proved to work (at least it didn't

Greetings. I'm wondering if OpenSSH automatically falls back to the internal PRNG (such as used on Solaris) when it can't use a better alternative. The reason I ask is this: the machine I am compiling OpenSSH on has the /dev/random patch for Solaris 8. I'd like OpenSSH to use /dev/random whenever possible, if it exists. However, I'd prefer NOT to have to compile a separate

Hi when i restart sshd I get PRNG is not seeded # /etc/init.d/sshd restart PRNG is not seeded # No idea as what is going on Thanks and Regards Kaushal

http://bugzilla.mindrot.org/show_bug.cgi?id=575 Summary: a bug make me crazy--PRNG is not seeded Product: Portable OpenSSH Version: -current Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: openssh-bugs at mindrot.org

http://bugzilla.mindrot.org/show_bug.cgi?id=328 ------- Additional Comments From luc at suryo.com 2002-07-02 06:45 ------- This may not be a openssh problem.... If the openssh/openssl was compiled to use /dev/urandom (or /dev/random) and your system does not have the proper path installed to support /dev/urandom (or /dev/urandom) this is what you will see when you try to start sshd/ssh

tags 516774 = patch tags 516294 = upstream thanks Hi! Please find attached a diff closing #516774 by adding mkstemp(3), again with a minimalistic pseudo-arc4random(3) behind it. I?ve revisited the code. An mkstemp testsuite from the ?net shows it works, except for not caring how many ?X?en are in the template. Addressing #516294, it allows compiling and linking an mksh from today?s CVS against