similar to: Problem compiling 1.2.2 on solaris

Over the holidays, I intend to finally rid portable OpenSSH of the builtin entropy collection code. Here's what I intend to do: When init_rng is called, we'll check OpenSSL's RAND_status(). If this indicates that their PRNG is already seeded, we'll do nothing. This effectively detects platforms which have /dev/urandom (or similar) configured into OpenSSL. If OpenSSL isn't

Roger Marquis wrote: > [snip] > >It takes all of 2 seconds to generate a ssh 2 new session on a >500Mhz cpu (causing less than 20% utilization). Considering that >99% of even the most heavily loaded servers have more than enough >cpu for this task I don't really see it as an issue. > >Also, by generating a different key for each session you get better >entropy,

Now that ssh-rand-helper has been segregated into a separate program, I'd like to revisit an old question about its entropy gathering. - would it be desirable to make it possible for ssh-rand-helper to fall back to external commands if PRNGD cannot be reached, instead of choosing one or the other at compile time? - When using PRNGD, the program gets 48 bytes of entropy from PRNGD,

Hi guys We at ZKS were also interested in yarrow under unix. However the implementation that counterpane have on their web page doesn't correspond to the paper -- it is a pretty different design. Also the windows code is hairy in the extreme -- I decided to reimplement it from scratch from the paper, rather than try to look at that windows code too much (yeuch!). And in writing from the

Hi. I've been playing a bit with "use sound card as an entropy source" idea. This simple program does what I wanted: http://people.freebsd.org/~pjd/misc/sndrand.tbz The program is very simple, it should be run with two arguments: % sndtest /dev/dspW 1048576 > rand.data This command will generate 1MB of random data. With my sound card: pcm0: <Intel ICH3 (82801CA)>

Hello, we have a PRI (E1) to a carrier and a second one to a legacy PBX: DTAG ---pri---- * ------ Hicmo (PSTN) | | Sip and more Many normal inbound calls are direcly routed to the hicom. Outbound calls from the Hicom go through LCR and then to PSTN. Inbound faxes are working, but outbound faxes from hicom to pstn are

On Thu, Jan 13, 2000 at 17:34:10, Andre Lucas wrote: > Subject: /dev/urandom > On Thu, Jan 13, 2000 at 09:24:01AM -0700, SysProg - Nathan Paul Simons wrote: > > On Thu, 13 Jan 2000, Ben Taylor wrote: > > > > > On Thu, 13 Jan 2000, Max Shaposhnikov wrote: > > > > why ssh1.27 doesn't requre /dev/urandom on solaris? > > > > i think the

First of all, you can probably go online before you convert all passwords. You can modify your query in dovecot-sql.conf.ext to something like the following: SELECT IF(crypt_pass IS NULL OR crypt_pass='', CONCAT('{PLAIN}',plain_pass), crypt_pass) as password FROM mailuser .. This is assuming that: * for incoming users, you have a plain_pass column containing just the plaintext

You do need to complete the query. Don't just replace your query with the one I wrote. You have to have a WHERE clause, and you might need to return other fields. Keep the password query you had before, just replace the 'password' column with "IF( ... ) as password" The query as you have it now simply returns all the passwords for all the users, because you don't have a

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08.11.arc4random Security Advisory The FreeBSD Project Topic: arc4random(9) predictable sequence vulnerability Category: core Module: sys Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08.11.arc4random Security Advisory The FreeBSD Project Topic: arc4random(9) predictable sequence vulnerability Category: core Module: sys Announced:

Hi. I experimented a bit with collecting entropy from the time it takes for device_attach() to run (in CPU cycles). It seems that those times have enough variation that we can use it for entropy harvesting. It happens even before root is mounted, so pretty early. On the machine I'm testing it, which has minimal kernel plus NIC driver I see 75 device_attach() calls. I'm being very careful

Nico-- SSH is trying to "get entropy" by taking the (somewhat-deterministic) output of a bunch of system commands, on those OSs that don't provide a /dev/random or its equivalent. The commands that it uses are in /etc/ssh_prng_cmds or its equivalent on your system; just comment out any of the lines (and stop/restart SSHd) in order to change which system commands are used as inputs

Hai Marco. Just upgrade it. ;-) It's not needed to move FSMO roles, in the last 4 years of upgradeing.. I did that exactly... 0 times. Steps shown work fine. ;-) Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Marco Gaiarin via samba > Verzonden: woensdag 2 oktober 2019 11:29 > Aan: samba at

Thank you very much to both of you. I'm going to check those documents that happened to me. I started working in that place and I found this AD that had years without maintenance. and the little that was done to him was very deficient. I try to check what happened to me and tell them how it went. El jue., 19 sept. 2019 a las 11:54, L.P.H. van Belle via samba (<samba at lists.samba.org>)

Good morning, I'm trying to concisely generate a single integer from 0 to n inclusive, where n might be of the order of hundreds of millions. This will however be used many times during the general procedure, so it must be "reasonably efficient" in both memory and time... (at some later stage in the development I hope to go vectorized) The examples I've found through searching

Hi , I have setup site-to-site IPSEC tunnel using Freeswan and Shorewall. I have 3 sites, One central site called site-A, and 2 remote sites called site-B and site-C. Now site-A can communicate with site-B and site-C repectively. I want to enable site-B talk to site-C using Tunnel hub configuration. I have enabled the shorewall policy on site-A server so that site-B can talk site-C, but it

Hello Rails community I cannot seem to find via Google what I had hoped would be a simple issue On a single DB system (currently, postgres 8.1.4), I have two databases, each containing multiple tables. I would like to configure my app and database.yml to recognize these two databases. What is the corrrect config for the database.yml ? Is it something like: > production: > adapter:

Hi everyone, i just installed dovecot in Fedora Core release 1 (Yarrow). When accessing from a eudora 6.1 client, first it gave ssl authentication problems. I fixed disabling them in eudora, but now it authenticates ok and then it says that there is no inbox for that user. Any idea? Enrique Pedraza Valiente Formador en Lenguajes Avanzados y Nuevas Tecnolog?as cell: +34 678 51 75 19

hi guys I've just let the system to get big update to 7.8 and with it came new Samba(4.10.4-10.el7.x86_64), a version with now fails on my boxes for no apparent reasons. My Samba uses LDAP backend but I can see no errors related to that neither. ... [2020/05/05 15:53:37.093041,? 0] ../../lib/util/become_daemon.c:136(daemon_ready) ? daemon_ready: daemon 'smbd' finished starting up and