similar to: OpenSSH entropy/PRNG (was: Why does ssh try to run df, netstat, arp ...?)

Howdy, I recently had a problem with one of our servers (crashed due to power failure :-). While this shouldn't have been a problem for most of the workstations and servers on the network I noticed that I wasn't able to use ssh anymore. Ssh would simply hang during the connection. rsh and telnet however were able to connect without problem so there was no problem with the destination or

Howdy, I'm sorry if this is a FAQ but I couldn't reach the openssh.com website so I can't check. Is it possible to use F-Secure SSH FTP 4.1 (client) with the openssh2.2.0p1 server? In the documentation I read that sftp is still on the todo list but "SecureFX (secure ftp)" is supported. Apparently this means there are different ways to do ftp with ssh? In that case which

Howdy, I'm installing openssh 2.2.0p1 on a number of SUNs running Solaris 2.6 but ran into a few problems: 1. whenever I run a remote X11 application and f.i. change the windowsize I get anoying debug messages like debug: client_check_window_change: changed This is a problem since I want to use openssh in a production environment. Is there any way to turn these messages off?

Howdy, I just installed openssh-2.9p2 on a Solaris 8 system. I use the same configuration files as the previous installation (which was 2.9p1) however I suddenly can't login as root anymore. Loging in as a regular user + "su" still works so it's not a password issue. I'm very sure the sshd_config has "PermitRootLogin yes". Did any of the sshd_config change? Nico

Hi, we upgraded the NT domain to Win2k. However now samba suddenly can't connect to the domain anymore. Any ideas what we can do? I tried upgrading to Samba 2.2.1a (was 2.0.7) but that doesn't make any difference. Tried removind MACHINE.SID from the private directory but that doesn't help either. When I do smbpasswd -j EDEN -r bison I get the following output: corsendonk.[root]#

Over the holidays, I intend to finally rid portable OpenSSH of the builtin entropy collection code. Here's what I intend to do: When init_rng is called, we'll check OpenSSL's RAND_status(). If this indicates that their PRNG is already seeded, we'll do nothing. This effectively detects platforms which have /dev/urandom (or similar) configured into OpenSSL. If OpenSSL isn't

Hi, Actually I am using the Backend Idmap_AD. I thought Idmap_adex is still under heavy development. Tobias Mit freundlichen Gr??en Tobias Mucke LFK-Lenkflugk?rpersysteme GmbH Serverpool, FCI4 Landshuter Stra?e 26, 85716 Unterschlei?heim, GERMANY Phone: +49 89 3179 8438 Fax: +49 89 3179 8927 Mobile: +49 170 635 3830 E-Mail: tobias.mucke at mbda-systems.de http://www.mbda.net Chairman of

On Thu, Jan 13, 2000 at 17:34:10, Andre Lucas wrote: > Subject: /dev/urandom > On Thu, Jan 13, 2000 at 09:24:01AM -0700, SysProg - Nathan Paul Simons wrote: > > On Thu, 13 Jan 2000, Ben Taylor wrote: > > > > > On Thu, 13 Jan 2000, Max Shaposhnikov wrote: > > > > why ssh1.27 doesn't requre /dev/urandom on solaris? > > > > i think the

Roger Marquis wrote: > [snip] > >It takes all of 2 seconds to generate a ssh 2 new session on a >500Mhz cpu (causing less than 20% utilization). Considering that >99% of even the most heavily loaded servers have more than enough >cpu for this task I don't really see it as an issue. > >Also, by generating a different key for each session you get better >entropy,

Hi. I've been playing a bit with "use sound card as an entropy source" idea. This simple program does what I wanted: http://people.freebsd.org/~pjd/misc/sndrand.tbz The program is very simple, it should be run with two arguments: % sndtest /dev/dspW 1048576 > rand.data This command will generate 1MB of random data. With my sound card: pcm0: <Intel ICH3 (82801CA)>

Hi guys We at ZKS were also interested in yarrow under unix. However the implementation that counterpane have on their web page doesn't correspond to the paper -- it is a pretty different design. Also the windows code is hairy in the extreme -- I decided to reimplement it from scratch from the paper, rather than try to look at that windows code too much (yeuch!). And in writing from the

Now that ssh-rand-helper has been segregated into a separate program, I'd like to revisit an old question about its entropy gathering. - would it be desirable to make it possible for ssh-rand-helper to fall back to external commands if PRNGD cannot be reached, instead of choosing one or the other at compile time? - When using PRNGD, the program gets 48 bytes of entropy from PRNGD,

Hi, when using puppet to install extra rpm packages on centos: how can I make a package depend on 2 or more other packages. e.g. this works: class centos4_extra_packages { package { "test1" : ensure => installed, require => package["prereq"] } } but I can''t figure out how to make test1 require

Hi. I experimented a bit with collecting entropy from the time it takes for device_attach() to run (in CPU cycles). It seems that those times have enough variation that we can use it for entropy harvesting. It happens even before root is mounted, so pretty early. On the machine I'm testing it, which has minimal kernel plus NIC driver I see 75 device_attach() calls. I'm being very careful

Hi All, Users at our site are using SAMBA (Version 2.0.8 and 1.9.15p8) to map their Home Directories and their Clearcase Vobs/Views on their Windows 2000 desktops. Home directories are being mapped without any issues but while mapping their views/vobs we are getting the error stated below: Network path \\server name\share could not be found and The mapped network drive could not

Hi, with current test releases SSL doesn't work anymore for me on AIX 4.3 with dovecot-0.99.10-test14. It worked with 0.99.9.1. dovecot: Jun 23 19:42:23 Info: Dovecot starting up imap-login: Jun 23 19:42:25 Fatal: RAND_bytes() failed: error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded imap-login: Jun 23 19:42:25 Fatal: RAND_bytes() failed: error:24064064:random number

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08.11.arc4random Security Advisory The FreeBSD Project Topic: arc4random(9) predictable sequence vulnerability Category: core Module: sys Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08.11.arc4random Security Advisory The FreeBSD Project Topic: arc4random(9) predictable sequence vulnerability Category: core Module: sys Announced:

I tried using sssd but I couldn't get it working based on the info on https://wiki.samba.org/index.php/Sssd I may give it another go anyway. Nico On Mon, Dec 7, 2015 at 1:24 PM, mathias dufresne <infractory at gmail.com> wrote: > In case of... SSSD comes also with a caching method. Using SSSD rather than > Winbind could help in certain cases... > > 2015-12-07 13:00

Greetings. I'm wondering if OpenSSH automatically falls back to the internal PRNG (such as used on Solaris) when it can't use a better alternative. The reason I ask is this: the machine I am compiling OpenSSH on has the /dev/random patch for Solaris 8. I'd like OpenSSH to use /dev/random whenever possible, if it exists. However, I'd prefer NOT to have to compile a separate