similar to: Patch to enable multiple possible sources of entropy

Now that ssh-rand-helper has been segregated into a separate program, I'd like to revisit an old question about its entropy gathering. - would it be desirable to make it possible for ssh-rand-helper to fall back to external commands if PRNGD cannot be reached, instead of choosing one or the other at compile time? - When using PRNGD, the program gets 48 bytes of entropy from PRNGD,

[NOTE: I'm new to this list and this is my first approach to OpenSSH code.] I've enhanced "--with-prngd-port=PORT" flag to accept an optional hostname as in "myhost:myport", e.g.: % ./configure --with-prngd-port=example.com:12345 Although I'm certain that this may cause big trouble if remote gatherer isn't online (ssh will refuse to open any connection) I

Three possibly related bugs to report. N.B. The test machines in question are in peak form (with the exception of different kernel versions) and were working 100% under the old ssh 1.2.x. The two clients we tested from are machines running 2.2.13 & 2.2.14preX Linux kernels. The server where the problems appeared is running 2.2.12. 1. sshd dies periodically. The crash occurred just after a

I'm having a bit of trouble generating a host key on an x86 Solaris 8 system. I've gotten the following built and installed: egd-0.7 openssl-0.9.5a openssh-1.2.3 My perl version is 5.005_03. egd is running, and tests fine the egd "make test" and with: #./egd.pl /etc/entropy get 22 sources found forking into background... server starting But when I go to "make

Bugzilla is reporting an internal server error right now so I thought I'd post this here. The current portable OpenSSH developer CVS has some non-standard shell syntax in the --with-prngd-socket case, and the grep "-q" option is not supported in at least Solaris 2.5.1. Here's a patch. Alternatively, the first test could use case "$withval" in /*) ;; *)

Hi. I recently snookered myself: I build OpenSSH on an old box that didn't have /dev/random, but happened to be running prngd at the time for other reasons. Because I wanted to use commands, I configured --with-rand-helper, however configure found the prngd socket and built ssh-rand-helper to use it exclusively. Next reboot: no prngd, no random seed, no sshd. Do not log in, do not

entropy.c assumes RUSAGE_SELF and RUSAGE_CHILDREN *** entropy.c.orig Thu Jun 15 13:57:28 2000 --- entropy.c Thu Jun 15 13:58:25 2000 *************** *** 201,207 **** --- 201,209 ---- total_entropy_estimate += stir_gettimeofday(1.0); total_entropy_estimate += stir_clock(0.2); + #ifdef HAVE_GETRUSAGE total_entropy_estimate += stir_rusage(RUSAGE_SELF, 2.0); + #endif

The attached patch (relative to the current CVS snapshot) uses a perl script to convert the OpenSSH manpages from the BSD -mdoc format to the -man format used by other systems. This allows the unformatted manpages to be installed normally, rather than defaulting to preformatted pages. I'd like to see this patch integrated into the portable version of OpenSSH. Please let me know what you

Hi, when running OpenSSH with EGD as entropy source, the sshd server connects to the EGD socket and leaves it open to re-seed on the fly. Unfortunately the connection is not checked when re-seeding, so that a failure or restart of EGD will lead to a "fatal()" abort of the sshd server process. Since a dying server process can not be accepted, I would recommend to not have sshd call it

Just tried out ssh in pre13, and still get the EGD problem? :( new-relay:/usr/slocal/src/openssh-1.2pre13> ./ssh -l marc atelier The authenticity of host 'atelier.acadiau.ca' can't be established. Key fingerprint is 1024 ef:36:b5:f8:a3:bb:14:4d:a9:4b:f2:90:9a:bd:bb:00. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added

Okay, everything as the first large one I sent today, with a few extra mods. _PATH_MAILDIR is only used in sshd.c, that I can see, so moved the #ifdef from config.h.in to there. several files had __progname defined in the middle of the code, as well as at the top of the code, so cleaned those out. all the fixes for u_int32_t -> uint32_t and u_int16_t -> uint16_t, plus added appropriate

Details of installation attached. Effect: when I build and test (with full path names) ssh in the openssh... directory, everything works fine. When I "install" it as per attached file into a test-directory and run it from there, there are 2 phenomena: either it just hangs, eating 96% of CPU or it dies with a Segmentation fault (this is what happens most often) Help needed

On Thu, 27 Sep 2001 20:41:05 EDT, Damien Miller writes: > On Thu, 27 Sep 2001, Dan Astoorian wrote: > > > > > It would (IMHO) be useful if there were a way to optionally configure > > that code to fall back to the internal entropy gathering routines in the > > event that EGD was not available; as it is, the routines simply fail if > > EGD is unavailable at the

I developed a better prototype quicker than I expected. Please provide feedback. It's been a few years since I've used autoconf, so I'm not certain the new defines were integrated correctly. Jason diff -r -C3 openssh-4.0p1/acconfig.h openssh-4.0p1.trix/acconfig.h *** openssh-4.0p1/acconfig.h Fri Feb 25 17:07:38 2005 --- openssh-4.0p1.trix/acconfig.h Thu May 12 10:32:25

I've finished the 2.3 patch for Irix job limits. It's a bit longer than a couple of lines. The bulk of the patch changes the configuration files to enable the job limits support on Irix. The meat of the change is in session.c where the new job containter is created at the same point as the other Irix specific actions. - Dennis --- config.h.in Sun Nov 5 21:25:18 2000 +++ config.h.in

There is an error when installing ssh as a non root user on SGI IRIX 6.5.5m. See the error below when negotiating connection: ---BEGIN ERROR LISTING--- ssh -c blowfish -P -v -p 3400 -X -i /usr/people/bozo/.ssh/identity -l bozo 1.2.3.4 SSH Version OpenSSH_2.1.1, protocol versions 1.5/2.0. Compiled with SSL (0x0090581f). debug: Reading configuration data /free/bozo/sgi/etc/ssh_config debug:

The current configuration only works if xauth can be found at /usr/X11R6/bin/xauth, which creates some problems when running sshd on an openwin system. Contained below are patches to find the path of xauth in configure, and set the path in config.h. (also contained is a patch for configure for those without autoconf) Also-- added #include "bsd-daemon" to includes.h, which quiets a

Known issues: 1) Linux 'sleep 20' -- Unfixable before 2.5.0 (known work around) 2) HP/UX signal issue -- Patched and HP/UX 11 works in v2 3) SCO 2/ Native Compiler -- Unfixable before 2.5.0 (known work around) 4) NeXTStep -- Resynced, MAX_GROUPS vs NGROUPS unresolved (not major) 5) DG/UX regcomp/regexec -- Fixed. 6) Cray signal issues -- ??? 7) Solaris '$PATH' issue -- ??

I have a few patches for AIX. The patchfile is attached below. The patch has been tested on AIX4.2 and AIX4.3. The patch is on openssh-1.2.1pre25, with openssl-0.94, using RSAref. 1) authenticate support - this function allows the system to determine authentification. Whatever the system allows for login, authenticate will too. It doesn't matter whether it is AFS, DFS, SecureID, local.

Is this bug? % runsocks ssh HOST.DOMAIN.COM Segmentation fault (core dumped) My environemnt: Solaris2.6 for Sparc gcc-2.95.2 perl.5.005_03 openssl-0.9.5a zlib-1.1.3 egd-0.7 socks5-v1.0r10 (`runsocks' is a tool in it.) --- entropy.c.ORIG Tue May 30 18:34:31 2000 +++ entropy.c Tue May 30 18:49:45 2000 @@ -82,8 +82,6 @@ c = atomicio(read, egd_socket, buf,