similar to: Announcement: PRNGD 0.9.0 available

Hi, when running OpenSSH with EGD as entropy source, the sshd server connects to the EGD socket and leaves it open to re-seed on the fly. Unfortunately the connection is not checked when re-seeding, so that a failure or restart of EGD will lead to a "fatal()" abort of the sshd server process. Since a dying server process can not be accepted, I would recommend to not have sshd call it

Hi! I have just uploaded version 0.9.28 of prngd. It does fix a hang in an endless loop under certain conditions. I have never seen this myself on HP-UX but I have received some reports, more or less all from Solaris 8 users, one of which finally lead to the correct analysis. Problem: after calling waitpid(), errno is evaluated for the case of waidpid()=0 even though errno is not set in this

Hi! I am resending the following message about problems with utmp handling. * In the meantime I had some request in private mail from people asking whether I have new information. * The problem is still persistant in 2.9p2. * My own new investigations show, that the problem only appears with protocol 2, not with protocol 1, I therefore only started to note it when protocol 2 became the

Hi! The handling of the "status" information in bsd-waitpid.c and bsd-nextstep.c seems to be bit odd. Patch attached. Best regards, Lutz -- Lutz Jaenicke Lutz.Jaenicke at aet.TU-Cottbus.DE BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/ Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129 Universitaetsplatz

Hi! I am distributing 2.5.1p1 for production use on my system by now and prepare switching to protocol 2 as default protocol. I just noted, that ssh-agent can be used for protocol 1 and 2, but the keys kept in ssh-agent are not compared against keys in .ssh. Example: I have a DSA key in id_dsa which I load into ssh-agent on login. When connecting to an account accepting the key everything is

Hi! I have experimented a bit with the latest OpenSSH from the CVS archive. I could realize some connections succesfully, but I experienced performance problem during the connection phase. It seems, that the client needs quite some computer time just after debug: Got SSH2_MSG_KEX_DH_GEX_GROUP. By inserting test-printouts, I verifyed that the dh_gen_key(dh); call seems to take that long. On a HP

There are a couple of issues regarding egd support in OpenSSH. 1) SIGPIPE is not ignored for the master listener daemon. I put the signal() call early on since it needs to be before get_random_bytes() is called but it could also be placed in the EGD version of get_random_bytes(). For some reason, with prngd I am getting SIGPIPE even though the prngd processes is not dying.

Hi! I have problems with connections being left open with both 2.2.0p1 and the latest snapshot when using agent-forwarding. (I didn't use this with older versions, so I don't know whether this problem is older.) Scenario: I have a secret key that I run with ssh-agent on host "host-A". I then connect to "host-B" using 'slogin -A host-B'. When executing a

Hi! when using agent forwarding, the connection hangs on exit, if the agent has been accessed. Symptoms: - On the client side, when the agent is accessed, the following output is being logged: debug1: channel 1: new [authentication agent connection] debug1: confirm auth-agent at openssh.com debug1: channel 1: rcvd eof debug1: channel 1: output open -> drain debug1: channel 1: obuf empty

Hi! as I just noted, after scp the connection does not shut down properly. When I do a "scp file targethost:path", on targethost a "sshd" process is left running. I do use --with-default-path="/usr/local/openssh/bin:/usr/bin:/usr/local/bin" to assure, that the corrensponding openssh-scp is used. It also seems, that normal sessions are not always closed properly.

On Wed, Sep 13, 2000 at 09:13:26AM +0000, Graham Murray wrote: > On upgrading to openssl 0.9.6-beta1, I find that openssh 2.2.0p1 fails > to connect. I did some more experiments and also saw the problems. They occur when using a 0.9.6-beta client to connect to 0.9.5a and 0.9.6-beta servers. They also occur when using a 0.9.5a client connecting to a 0.9.6-beta server. Connections fail with

Hi, I just tried building of OpenSSH-2.1.0 on HP-UX 10.20 and found the following items: - The configure command I used at the beginning: CC=cc CFLAGS="-Ae +O2 +DAportable" CPPFLAGS="-I/usr/local/include -I/usr/local/s sl/include -I/usr/include/X11R6" LDFLAGS="-L/usr/local/lib -L/usr/local/ssl/lib -L/usr/lib/X11R6" ./configure --prefix=/usr/local/openssh

Hi, I use openssh-2.9p2 on an i386 LynxOS system. Since LynxOS does not have support for /dev/[u]random, I installed openssh with prngd support. It so happened by accident on installation that prngd.conf got truncated to zero size. With prngd running as such, ssh-keygen just hangs. I notice similar case with sshd, ssh, ... as all these depend on prngd for random number. SMMEstack# /usr/sbin/sshd

I upgraded from OpenSSH_3.0.2p1 to OpenSSH 3.4p1. Starting SSHD or ssh-keygen I'm getting the "PRNG is not seeded". I have verified that prngd is running and "egc.pl /var/spool/prngd/pool get" runs just fine reporting 32800 bits of entropy. My platform is Solaris 8 (sparc) and I downloaded binaries from www.sunfreeware.com. My guess is the build of OpenSSH 3.4.p1 is

subscribe openssh-unix-dev at mindrot.org > Send openssh-unix-dev mailing list submissions to > openssh-unix-dev at mindrot.org > > To subscribe or unsubscribe via the World Wide Web, visit > http://www.mindrot.org/mailman/listinfo/openssh-unix-dev > or, via email, send a message with subject or body 'help' to > openssh-unix-dev-request at mindrot.org >

http://bugzilla.mindrot.org/show_bug.cgi?id=361 ------- Additional Comments From Lutz.Jaenicke at aet.TU-Cottbus.DE 2002-07-19 17:37 ------- OpenSSH's "configure" command will only pick up a new installation of PRNGD, when it is running during the call to configure. Thus make sure to * install prngd first and check its proper operation. * then run OpenSSH's configure

Just for peace of mind, can someone who knows the openssh code better than I do, confirm that openssh doesn't use (in any circumstances) the openssl prng (since the code in versions prior to 0.9.6b is rather weak). My understanding is that it doesn't (using either /dev/random, egd, prngd or the builtin code), but I may have missed some other use of the openssl prng elsewhere... -- Jon

Hi! I have just updated some hosts to todays CVS version of OpenSSH portable, now flagged as 2.9.9p1. I now find the following error messages in my logfiles: Sep 25 12:16:38 ws01 sshd[17610]: wtmp_get_entry: read of /var/adm/wtmp failed: Bad file number Sep 25 12:17:11 ws01 sshd[17659]: wtmp_get_entry: read of /var/adm/wtmp failed: No such device or address These do not occur with 2.9p2. On the

Hi! When specifying --with-ssl-dir=/path/to/ssl, configure will always use an openssl-library in system locations if there, regardless of the setting. This is caused by line 343 of configure.in: for ssldir in "" $tryssldir /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do as "" precedes $tryssldir, so $tryssldir is

Hi! after applying the rijndael patch ("includes.h") snap-20001014 compiles on HP-UX 10.20, some login/logout/scp connections with other OpenSSH hosts seem to work. There is a minor correction for Configure: - At the summary, the location for ask-pass is still .../libexec/ssh/ssh-askpass while it is compiled in as .../libexec/ssh-askpass I also just noted (I never cared to look