similar to: Why does prng always need to run the ssh_prng_cmds?

On Tue, 6 Nov 2001, Dan Astoorian wrote: > Date: Tue, 6 Nov 2001 13:23:58 -0500 > From: Dan Astoorian <djast at cs.toronto.edu> > To: Dave Dykstra <dwd at bell-labs.com> > Cc: Ed Phillips <ed at UDel.Edu> > Subject: Re: Entropy and DSA key > > On Tue, 06 Nov 2001 10:54:12 EST, Dave Dykstra writes: > > > On Mon, 5 Nov 2001, Ed Phillips wrote: >

I have a need to provide ssh client binaries for use elsewhere on several platforms, some without /dev/random support. I can't assume that users will know how to install/run prngd or egd, so I was planning to rely on the builtin prng code. However this require the ssh_prng_cmds file to exist in a fixed location -- which would mean making binaries which either look for it in . or other

Hello *, sorry if i missed an article which already solves my problem. I need a working configuration of OpenSSH for Solaris 7 (SunOS 5.7) with AFS support. PAM support to use the AFS PAm module `pam_afs.so' and TCP-Wrapper support would be nice. It would be nice to have similar configurations for Solaris 6 (SunOS 5.6), Solaris 8 (SunOS 5.8) and Solaris 2.5.1. I have tested a few

Heya, I have compiled and installed OpenSSH on a Solaris/Sparc machine and whenever I try to start any of the ssh programs I get "fatal: PRNG initialisation failed -- exiting" Now, I have looked through the mailing lists and have seen some mention that this indicates it can't open the ssh_prng_cmds file, which entropy.c also seems to indicate the problem is. However, this snippet

My ISP supports connections via ssh. I was using OpenSSH 1.2.3 (portable) on Solaris 2.5.1 (with EGD), and I could connect to my ISP just fine. They're using the proprietary sshd version 1.2.26 as far as I can tell. A connect session looks like: $ ssh-1.2.3 -v -l foobar xx.xx.xx.xx SSH Version OpenSSH-1.2.3, protocol version 1.5. Compiled with SSL. debug: ssh_connect: getuid 390

Hi. I recently snookered myself: I build OpenSSH on an old box that didn't have /dev/random, but happened to be running prngd at the time for other reasons. Because I wanted to use commands, I configured --with-rand-helper, however configure found the prngd socket and built ssh-rand-helper to use it exclusively. Next reboot: no prngd, no random seed, no sshd. Do not log in, do not

Just for peace of mind, can someone who knows the openssh code better than I do, confirm that openssh doesn't use (in any circumstances) the openssl prng (since the code in versions prior to 0.9.6b is rather weak). My understanding is that it doesn't (using either /dev/random, egd, prngd or the builtin code), but I may have missed some other use of the openssl prng elsewhere... -- Jon

Gidday, I've just tried installing openssh-2.2.0p1 and found that it globbers my ssh_prng_cmds file which has been customised from the normally installed one. On BSDi 4.0.1 it doesn't detect enough commands for ssh-keygen to be happy. Most of the commands do actually exist, but I have to specify where they are. Could someone please modify the installation scripts to either backup this

http://bugzilla.mindrot.org/show_bug.cgi?id=328 Summary: starting sshd yeilds PRNG not seeded Product: Portable OpenSSH Version: -current Platform: Sparc OS/Version: Solaris Status: NEW Severity: major Priority: P1 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

hello, i built an ssh 2.5.1p2 package for solaris. it's installed into /usr/local (with sysconfdir=/etc) on an administrative host with write access to /usr/local. other hosts nfs mount /usr/local. i had a script copy the following files generated from the package install into each host's /etc directory: primes ssh_prng_cmds sshd_config ssh_config then ran

Hi people, Please excuse this rather long debug output... $ uname -a SunOS echelon 5.6 Generic_105181-17 sun4u sparc SUNW,Ultra-Enterprise $ /usr/local/openssh/bin/ssh -v x.x.x.x SSH Version OpenSSH_2.1.1, protocol versions 1.5/2.0. Compiled with SSL (0x0090581f). debug: Reading configuration data /usr/local/etc/ssh_config debug: Applying options for * debug: ssh_connect: getuid 1002 geteuid 0

The following patch against openssh-SNAP-20000823 allows to override the compile-time "ssh_prng_cmds" file at run time by adding new options to the server and client configurations. (We move binaries around a bit, and this was the only absolute path that couldn't be fixed at run-time). Regards Jan diff -ur openssh-SNAP-20000823.orig/entropy.c openssh-SNAP-20000823.new/entropy.c

http://bugzilla.mindrot.org/show_bug.cgi?id=435 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|internal entropy gatherer |internal entropy gatherer ------- Additional Comments From dtucker at zip.com.au 2002-11-15 00:21 ------- Which platform did you

I upgraded from OpenSSH_3.0.2p1 to OpenSSH 3.4p1. Starting SSHD or ssh-keygen I'm getting the "PRNG is not seeded". I have verified that prngd is running and "egc.pl /var/spool/prngd/pool get" runs just fine reporting 32800 bits of entropy. My platform is Solaris 8 (sparc) and I downloaded binaries from www.sunfreeware.com. My guess is the build of OpenSSH 3.4.p1 is

http://bugzilla.mindrot.org/show_bug.cgi?id=323 Summary: arp -n flag doesn't exist under Solaris, ssh_prng_cmds still uses it Product: Portable OpenSSH Version: -current Platform: All OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: Build system

Hi! I have just made the 0.9.0 release of PRNGD available. PRNGD is the Pseudo Random Number Generator Daemon. It has an EGD compatible interface and is designed to provide entropy on systems not having /dev/*random devices. Software supporting EGD style entropy requests are openssh, Apache/mod_ssl, Postfix/TLS... Automatic querying of EGD sockets at fixed locations has been introduced in the

Hi there, I have all my additional software mounted from one central place. Therefore I'm trying to limit all unnecessary local files. Local config files are ok... e.g. keys, ssh_config etc, but why needs ssh_prng_cmds to be in /etc? So why not put it into $bindir? There are no problems doing this with a few manual fixes. So are there any security concerns? Is it possible to make this a

I have a need to have the same OpenSSH binaries run on multiple machines which are administered by different people. That means on Solaris, for example, there will be some with /dev/random, some on which I can run prngd because they'll be installing my binaries as root, and some which will have neither because they will be only installed as non-root. Below is a patch to enable choosing all 3

Joe Warren-Meeks [SMTP:joe at hole-in-the.net] wrote: > open("/usr/local/etc/ssh_prng_cmds", O_RDONLY) = 3 open of the command file succeeded. > brk(0x000E6DB8) = 0 "malloc" in user land, i.e. sshd > brk(0x000E8DB8) = 0 "malloc" in user land, i.e. sshd > fstat64(3, 0xFFBEECD8)

the configure option --program-prefix does not work although it is listed in teh configure --help output. The attached patch fixes these issues: 1) program prefix is not substituted in configure 2) program prefix is not present in Makefile 3) scp requires use of a known "scp" program -- bryan diff -cr openssh-2.9.9p2.orig/Makefile.in openssh-2.9.9p2/Makefile.in ***