similar to: ssh-keygen hangs with empty prngd.conf - bug ?

Hi! I have just made the 0.9.0 release of PRNGD available. PRNGD is the Pseudo Random Number Generator Daemon. It has an EGD compatible interface and is designed to provide entropy on systems not having /dev/*random devices. Software supporting EGD style entropy requests are openssh, Apache/mod_ssl, Postfix/TLS... Automatic querying of EGD sockets at fixed locations has been introduced in the

I upgraded from OpenSSH_3.0.2p1 to OpenSSH 3.4p1. Starting SSHD or ssh-keygen I'm getting the "PRNG is not seeded". I have verified that prngd is running and "egc.pl /var/spool/prngd/pool get" runs just fine reporting 32800 bits of entropy. My platform is Solaris 8 (sparc) and I downloaded binaries from www.sunfreeware.com. My guess is the build of OpenSSH 3.4.p1 is

There are a couple of issues regarding egd support in OpenSSH. 1) SIGPIPE is not ignored for the master listener daemon. I put the signal() call early on since it needs to be before get_random_bytes() is called but it could also be placed in the EGD version of get_random_bytes(). For some reason, with prngd I am getting SIGPIPE even though the prngd processes is not dying.

Just for peace of mind, can someone who knows the openssh code better than I do, confirm that openssh doesn't use (in any circumstances) the openssl prng (since the code in versions prior to 0.9.6b is rather weak). My understanding is that it doesn't (using either /dev/random, egd, prngd or the builtin code), but I may have missed some other use of the openssl prng elsewhere... -- Jon

Hi, I'm running openssh 2.1.1p4 on Solaris 7 (sparc). Occationally, when I boot up the server, the startup script I wrote to start sshd fails to start sshd with the following error: fatal: Not enough entropy in RNG What am I doing wrong?? Is there anything I can do to prevent this from happening? Is just restarting sshd a valid thing to do?? Thanks for any thoughts, David

To Whomever can assist, I am looking for anyone who has gotten OpenSsh 3.7.1p2 to build under HP-UX 10.20. I am working with the latest gcc (v. 3.3.1), gmake (v. 3.80), and Openssl (0.9.7c) and I still can not get OpenSsh to build properly. It errors out on the build process with a: loginrec.c:1405: dereferencing pointer to incomplete type cing pointer to incomplete type loginrec.c:1514:

Hi! The handling of the "status" information in bsd-waitpid.c and bsd-nextstep.c seems to be bit odd. Patch attached. Best regards, Lutz -- Lutz Jaenicke Lutz.Jaenicke at aet.TU-Cottbus.DE BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/ Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129 Universitaetsplatz

Hello, I apologize if this is the wrong list. It was the list I was directed towards. I have reviewed the archives as well as everything I could google before posting. Any help is most appreciated: We're seeing an error during sftp and ssh connections with consistent regularity. It's triggered by a high number of connections coming into sftp/ssh at the same time. It affects

Hi! I have just uploaded version 0.9.28 of prngd. It does fix a hang in an endless loop under certain conditions. I have never seen this myself on HP-UX but I have received some reports, more or less all from Solaris 8 users, one of which finally lead to the correct analysis. Problem: after calling waitpid(), errno is evaluated for the case of waidpid()=0 even though errno is not set in this

http://bugzilla.mindrot.org/show_bug.cgi?id=953 Summary: openssh session hanging - prngd[671]: write() in socket_write() failed: Broken pipe Product: Portable OpenSSH Version: 3.7.1p2 Platform: Sparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: ssh

[NOTE: I'm new to this list and this is my first approach to OpenSSH code.] I've enhanced "--with-prngd-port=PORT" flag to accept an optional hostname as in "myhost:myport", e.g.: % ./configure --with-prngd-port=example.com:12345 Although I'm certain that this may cause big trouble if remote gatherer isn't online (ssh will refuse to open any connection) I

Hi there, I have all my additional software mounted from one central place. Therefore I'm trying to limit all unnecessary local files. Local config files are ok... e.g. keys, ssh_config etc, but why needs ssh_prng_cmds to be in /etc? So why not put it into $bindir? There are no problems doing this with a few manual fixes. So are there any security concerns? Is it possible to make this a

Hello, over the last few days I've been attempting to compile openssh-3.4p1 on a HP j5000 (hpux 10.20) but have run into some problems. I had found the paper from Kevin Steves and have been following his suggested steps. Perl, zlib, prngd, tcp_wrappers and openssl all compiled more or less as he described. The configure script runs without protest but make gets hung up in

Hi! when using agent forwarding, the connection hangs on exit, if the agent has been accessed. Symptoms: - On the client side, when the agent is accessed, the following output is being logged: debug1: channel 1: new [authentication agent connection] debug1: confirm auth-agent at openssh.com debug1: channel 1: rcvd eof debug1: channel 1: output open -> drain debug1: channel 1: obuf empty

Hi, With reference to my previous mail: 1. I use openssh-2.9p2 on a LynxOS i386 system. The ssh and scp clients work fine. Even sftp from other Linux systems works. But, if I run the sftp client in LynxOS to localhost (LynxOS) or remote sshd in Linux, the authentication succeeds, prints sftp> prompt and then exits. I don't know why this happens. The problem is with the sftp client

Dear Developer, I'm having problem running ssh_keygen on my solaris 7 box. Can you please tell me as to why I'm getting this error as described below? I don't have that problem with solaris 8 that runs SMCossh 3.0.2p1 Thanks in advance. Louie # /usr/local/bin/ssh-keygen ld.so.1: /usr/local/bin/ssh-keygen: fatal: libcrypto.so.0.9.6: open failed: No such file or directory Killed #

http://bugzilla.mindrot.org/show_bug.cgi?id=953 ------- Additional Comments From stanislaw.walczak at sympatico.ca 2004-12-17 09:16 ------- I run it only for 10 minutes "openssl rand -base64 20480" - did not hang or abort. Security group said no for prngd 0.9.25 upgrade. Could you please tell me more about prngd bug ? what the symptoms are ? ------- You are receiving this mail

http://bugzilla.mindrot.org/show_bug.cgi?id=361 ------- Additional Comments From Lutz.Jaenicke at aet.TU-Cottbus.DE 2002-07-19 17:37 ------- OpenSSH's "configure" command will only pick up a new installation of PRNGD, when it is running during the call to configure. Thus make sure to * install prngd first and check its proper operation. * then run OpenSSH's configure

Hi, I have ported the portable version of openssh (openssh-2.9p2) to LynxOS. I have had to install Perl5 and openssl-0.9.5a. Also since the regex library in LynxOS is not POSIX compliant I had to use PCRE. Then I configured openssh-2.9p2 with the library option -lbsd. One more problem was the macro "howmany(x,y)" is not defined in any of the /usr/include header files n LynxOS. So I

Hi, I work on openssh-2.9p2 installed on LynxOS i386 system. sshd, ssh, scp and sftp-server all work fine. The problem is sftp client, in interactive mode, exits after authentication printing the sftp prompt. sftp client works fine in non-interactive mode. i.e., lynxos>sftp hari at linuxsystem:test works fine But, lynxos>sftp hari at linuxsystem ... sftp> lynxos> Any help, as to why