Displaying 20 results from an estimated 2000 matches similar to: "OpenSSH entropy/PRNG (was: Why does ssh try to run df, netstat, arp ...?)"
2000 Nov 17
2
Why does ssh try to run df, netstat, arp ...?
Howdy,
I recently had a problem with one of our servers (crashed due to power
failure :-). While this shouldn't have been a problem for most
of the workstations and servers on the network I noticed that I
wasn't able to use ssh anymore. Ssh would simply hang during the connection.
rsh and telnet however were able to connect without problem so there
was no problem with the destination or
2000 Oct 04
1
openssh 2.2.0p1 and F-secure SSH ftp
Howdy,
I'm sorry if this is a FAQ but I couldn't reach the openssh.com
website so I can't check.
Is it possible to use F-Secure SSH FTP 4.1 (client) with
the openssh2.2.0p1 server? In the documentation I read that
sftp is still on the todo list but "SecureFX (secure ftp)" is
supported. Apparently this means there are different ways to
do ftp with ssh? In that case which
2000 Sep 26
3
anoying debug info + can't login automaticaly
Howdy,
I'm installing openssh 2.2.0p1 on a number of SUNs running Solaris
2.6 but ran into a few problems:
1. whenever I run a remote X11 application and f.i. change the windowsize
I get anoying debug messages like
debug: client_check_window_change: changed
This is a problem since I want to use openssh in a production environment.
Is there any way to turn these messages off?
2001 Aug 17
0
openssh-2.9p2 not allowing root access?
Howdy,
I just installed openssh-2.9p2 on a Solaris 8 system.
I use the same configuration files as the previous installation
(which was 2.9p1) however I suddenly can't login as root anymore.
Loging in as a regular user + "su" still works so it's not a
password issue. I'm very sure the sshd_config has "PermitRootLogin yes".
Did any of the sshd_config change?
Nico
2001 Oct 11
0
Urgent. upgraded domain to Win2k now samba can't join anymore
Hi,
we upgraded the NT domain to Win2k. However now samba suddenly can't
connect to the domain anymore. Any ideas what we can do? I tried upgrading
to Samba 2.2.1a (was 2.0.7) but that doesn't make any difference.
Tried removind MACHINE.SID from the private directory but that doesn't
help either. When I do smbpasswd -j EDEN -r bison I get the following
output:
corsendonk.[root]#
2001 Dec 21
6
Killing the builtin entropy code
Over the holidays, I intend to finally rid portable OpenSSH of the
builtin entropy collection code. Here's what I intend to do:
When init_rng is called, we'll check OpenSSL's RAND_status(). If this
indicates that their PRNG is already seeded, we'll do nothing. This
effectively detects platforms which have /dev/urandom (or similar)
configured into OpenSSL.
If OpenSSL isn't
2010 Jul 28
2
Does anybody use idmap_adex?
Hi,
Actually I am using the Backend Idmap_AD. I thought Idmap_adex is still under heavy development.
Tobias
Mit freundlichen Gr??en
Tobias Mucke
LFK-Lenkflugk?rpersysteme GmbH
Serverpool, FCI4
Landshuter Stra?e 26, 85716 Unterschlei?heim, GERMANY
Phone: +49 89 3179 8438
Fax: +49 89 3179 8927
Mobile: +49 170 635 3830
E-Mail: tobias.mucke at mbda-systems.de
http://www.mbda.net
Chairman of
2000 Jan 27
6
EGD requirement a show stopper for me
On Thu, Jan 13, 2000 at 17:34:10, Andre Lucas wrote:
> Subject: /dev/urandom
> On Thu, Jan 13, 2000 at 09:24:01AM -0700, SysProg - Nathan Paul Simons wrote:
> > On Thu, 13 Jan 2000, Ben Taylor wrote:
> >
> > > On Thu, 13 Jan 2000, Max Shaposhnikov wrote:
> > > > why ssh1.27 doesn't requre /dev/urandom on solaris?
> >
> > i think the
2003 Sep 18
2
[Fwd: Re: FreeBSD Security Advisory FreeBSD-SA-03:12.openssh]
Roger Marquis wrote:
> [snip]
>
>It takes all of 2 seconds to generate a ssh 2 new session on a
>500Mhz cpu (causing less than 20% utilization). Considering that
>99% of even the most heavily loaded servers have more than enough
>cpu for this task I don't really see it as an issue.
>
>Also, by generating a different key for each session you get better
>entropy,
2005 Mar 07
2
New entropy source proposal.
Hi.
I've been playing a bit with "use sound card as an entropy source" idea.
This simple program does what I wanted:
http://people.freebsd.org/~pjd/misc/sndrand.tbz
The program is very simple, it should be run with two arguments:
% sndtest /dev/dspW 1048576 > rand.data
This command will generate 1MB of random data.
With my sound card:
pcm0: <Intel ICH3 (82801CA)>
2000 Feb 25
1
yarrow unix source
Hi guys
We at ZKS were also interested in yarrow under unix. However the
implementation that counterpane have on their web page doesn't correspond to
the paper -- it is a pretty different design.
Also the windows code is hairy in the extreme -- I decided to reimplement it
from scratch from the paper, rather than try to look at that windows code too
much (yeuch!). And in writing from the
2002 Jan 22
4
ssh-rand-helper
Now that ssh-rand-helper has been segregated into a separate program,
I'd like to revisit an old question about its entropy gathering.
- would it be desirable to make it possible for ssh-rand-helper to fall
back to external commands if PRNGD cannot be reached, instead of
choosing one or the other at compile time?
- When using PRNGD, the program gets 48 bytes of entropy from PRNGD,
2007 Jul 09
3
how to make a package depend on 2 or more other packages
Hi,
when using puppet to install extra rpm packages on centos: how can I
make a package depend on 2 or more other packages.
e.g. this works:
class centos4_extra_packages {
package { "test1" :
ensure => installed,
require => package["prereq"]
}
}
but I can''t figure out how to make test1 require
2012 Sep 18
8
Collecting entropy from device_attach() times.
Hi.
I experimented a bit with collecting entropy from the time it takes for
device_attach() to run (in CPU cycles). It seems that those times have
enough variation that we can use it for entropy harvesting. It happens
even before root is mounted, so pretty early.
On the machine I'm testing it, which has minimal kernel plus NIC driver
I see 75 device_attach() calls. I'm being very careful
2001 Apr 19
3
Error Mapping Clearcase Views/Vobs using Samba
Hi All,
Users at our site are using SAMBA (Version 2.0.8 and 1.9.15p8) to map their Home
Directories and their Clearcase Vobs/Views on their Windows 2000 desktops. Home
directories are being mapped without any issues but while mapping their
views/vobs we are getting the error stated below:
Network path \\server name\share could not be found
and
The mapped network drive could not
2003 Jun 23
1
OpenSSL on AIX
Hi,
with current test releases SSL doesn't work anymore for me on AIX 4.3
with dovecot-0.99.10-test14. It worked with 0.99.9.1.
dovecot: Jun 23 19:42:23 Info: Dovecot starting up
imap-login: Jun 23 19:42:25 Fatal: RAND_bytes() failed: error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded
imap-login: Jun 23 19:42:25 Fatal: RAND_bytes() failed: error:24064064:random number
2008 Nov 24
5
FreeBSD Security Advisory FreeBSD-SA-08:11.arc4random
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-08.11.arc4random Security Advisory
The FreeBSD Project
Topic: arc4random(9) predictable sequence vulnerability
Category: core
Module: sys
Announced:
2008 Nov 24
5
FreeBSD Security Advisory FreeBSD-SA-08:11.arc4random
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-08.11.arc4random Security Advisory
The FreeBSD Project
Topic: arc4random(9) predictable sequence vulnerability
Category: core
Module: sys
Announced:
2015 Dec 07
1
Caching user accounts on a Linux portable
I tried using sssd but I couldn't get it working based on the info on
https://wiki.samba.org/index.php/Sssd
I may give it another go anyway.
Nico
On Mon, Dec 7, 2015 at 1:24 PM, mathias dufresne <infractory at gmail.com>
wrote:
> In case of... SSSD comes also with a caching method. Using SSSD rather than
> Winbind could help in certain cases...
>
> 2015-12-07 13:00
2002 Nov 08
1
Will OpenSSH fallback to internal PRNG?
Greetings.
I'm wondering if OpenSSH automatically falls back to the internal
PRNG (such as used on Solaris) when it can't use a better alternative.
The reason I ask is this: the machine I am compiling OpenSSH on has
the /dev/random patch for Solaris 8. I'd like OpenSSH to use
/dev/random
whenever possible, if it exists. However, I'd prefer NOT to have to
compile a separate