similar to: getting OpenSSH/OpenSSL to utilize /dev/random

http://bugzilla.mindrot.org/show_bug.cgi?id=398 mouring at eviladmin.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From mouring at eviladmin.org

has anyone had a problem building 3.1p1 with Solaris 8 (2/02 release)? That release of Solaris was the first (I believe) to incorporate their own /dev/random which OpenSSH 3.1 doesn't seem to like too much. When I run the configure, it reports that Random Number Source is set to use the rand-helper. If I use the ANDIrand Solaris package as my /dev/random, It configures properly (Random

maybe this is a silly question ;-) But why is it possible to login on a machine with a locked account (passwd -l ) via pubkey-authentication (authorized_keys) ? I use OpenSSH3.01p1on Solaris8 with PAM support so I thought this should not happen. If this is the normal behaviour and built in intentionally what would be the easiest way to lock an account without deleting the users authorized_keys ?

Hi, According to IETF draft draft-ietf-secsh-transport-14.txt, different ciphers(encryption), MAC and compression can be used for one direction say server-to-client and a completely different cipher, MAC and compression for the other direction client-to-server of the same connection. Is this supported today in OpenSSH, and if not, are there plans to support it in any future releases of the code?

I feel very silly asking this, because I saw the answer to this question one time and can't remember what it was. OpenSSH uses /dev/urandom or /dev/random which Solaris does not have (verified with a call to the Sun software folks). How do I make OpenSSH happy with a Solaris substitute for /etc/urandom? Thanks Tim Nibbe Supervisor of System Administration Sprint IP Dial Support Services

I have removed ANDIrand from my Solaris8 system and installed patch 112438-01 which provides native /dev/random and /dev/urandom devices. Recompiled both openssl-0.9.6c and openssh-3.1p1, restarted sshd. Now I seem unable to use scp, and connections to the local sshd appear to be very slow. $ scp php-4.2.0.tar.gz user at remote:/WWWserv/src local at bastion's password: php-4.2.0.tar.gz

on solaris7/sparc this device doesn't exists i can use EGD but he very big (perl script!) - in memory it take about 4mb! apache use the same! why ssh1.27 doesn't requre /dev/urandom on solaris? what alternatives exists?

Has anyone had success with getting /dev/random to work after installing SUNWski? After I install the pkg and start /etc/ init.d/cryptorand, the /dev/random file remains 0 bytes. I am running Solaris 2.8 - David

Hello, I have attempted several times to compile openssh3.1p1 that will use a random package called ANDIrand. How can I compile and get ssh to use this random number generator? I have tried the --rand-helper switch with my configure and still it does not work. I am compiling in Solaris 8, and need to then create a package that can be used on Solaris 6, Solaris 7, and Solaris 8. Thanks, Eric

There was some discussion recently about the Solaris /dev/random support that can be downloaded from Sun's patch archive as part of a patch to the Sun Web Server 1.0 product. The SUNWski package is the interesting bit that purports to provide /dev/random. It was noted that domestic and international versions of the patch existed and that only the international (no encryption) version was

On Thu, Jan 13, 2000 at 17:34:10, Andre Lucas wrote: > Subject: /dev/urandom > On Thu, Jan 13, 2000 at 09:24:01AM -0700, SysProg - Nathan Paul Simons wrote: > > On Thu, 13 Jan 2000, Ben Taylor wrote: > > > > > On Thu, 13 Jan 2000, Max Shaposhnikov wrote: > > > > why ssh1.27 doesn't requre /dev/urandom on solaris? > > > > i think the

if i want to learn more about implementing a /dev/urandom, where would be a good place to start? thanks, wendy -- wendy palm Cray OS Sustaining Engineering, Cray Inc. wendyp at cray.com, 651-605-9154

http://bugzilla.mindrot.org/show_bug.cgi?id=517 Summary: bad "put" arg parsing Product: Portable OpenSSH Version: -current Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sftp AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: djm at

Hi, I'm like to try a get the new release to work with Sun's new device, that can be installed with patch 112438-01. I compiled SSL attempting to point it at the random device: cd openssl-0.9.6d ./Configure solaris-sparcv7-gcc make DEVRANDOM="/kernel/drv/random" And then ran the SSH configure: ./configure --prefix=/opt/OBSDssh --with-pam --without-rsh \ --sysconfdir=/etc/ssh

I'm trying to update an ssh 1.2.27 to OpenSSH 3.0.2p1 and am running into a problem. I've successfully built zlib 1.1.4, OpenSSL 0.9.6c, and tcp_wrappers , but when I attempt to run configure, I get the error about the missing posix regex. So I attempted to download and use pcre (the Perl hack to expose perl regex to posix. But I can't build that since it calls strtoul() (string to

Here is a patch to add the missing scp -1 and -2 options to eliminate confusion for users familiar with the commercial version of SSH. This patch and others are maintained on the secure nfs (SNFS) web page: http://www.math.ualberta.ca/imaging/snfs/ -- John Bowman University of Alberta diff -ur openssh-3.0.2p1/scp.c openssh-3.0.2p1J2/scp.c --- openssh-3.0.2p1/scp.c Sun Oct 21 18:53:59 2001 +++

Hello, Being new to the list i hope this question has not been asked before.... As you might know Solaris 9 supportes /dev/random and /dev/urandom bij default and earlier version need to install a patch to have these devices.... But the configuration script under Solaris (Sparc/X86) does not test the existing of the devices... is this to be known as a error/bug? and is there a patch? thanks --

I've spent the morning looking at making some RPMs for Fedora Core 1 and run into a problem with GSSAPI. Basically the default install of Fedora doesn't come with the necessary gssapi code to build the RPMs by default (i.e. you need to say %define kerberos5 0 in openssh.spec). Since Fedora is going to fork off from RedHat I was going to create a set of patches to make a

John, The following steps should work for you (or anyone buildling on a RedHat box): 1) Get the official OpenSSH source RPM from ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/rpm/SRPMS/openssh-3.7.1p2-1.src.rpm 2) Do 'rpmbuild --rebuild ./openssh-3.7.1p2-1.src.rpm' from where you saved the file. 3) This should create the following files in /usr/src/redhat/RPMS/i386:

http://bugzilla.mindrot.org/show_bug.cgi?id=912 Summary: PATCH: Fix head(1) call in regress/yes-head.sh Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Miscellaneous AssignedTo: openssh-bugs at mindrot.org