similar to: [Bug 380] New: SSH compiled to use EGD.PL won't start without it!!

http://cvs-mirror.mozilla.org/webtools/bugzilla/show_bug.cgi?id=380 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WONTFIX ------- Additional Comments From djm at mindrot.org

The usual suspects: Solaris 8 gcc 2.95.2 perl 5.60 egd 0.7 openssl 0.95.a openssh 1.2.3 # egd.pl /etc/entropy --- It works the first few minutes and then just stops working. OpenSSH connections started still work, ssh just hangs with a new connection. I've even tried --bottomless; no joy. 0.6 and Solaris 7 worked great. I'm going to try the /dev/random that was mentioned before. Any

Hello all, I was finally able to create the OpenSSH package for Solaris 8 10/01. The problem I have now is that I will still need to have entropy ready prior to openssh-3.1p1 package installation. Otherwise there is no entropy pool available (with the new servers) and key generation fails. With the previous versions of openssh, I used SUN's "makeOpenSSHPackage.ksh" script and was

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Howdy all. I've just released version 0.7 ("the Brown Paper Bag" release) of EGD. The Entropy Gathering Daemon is primarily intended as a source of randomness for GnuPG, for use on systems which lack a /dev/random device. version 0.6, which has been available for about 8 months, had a serious and embarrasing bug in which the gathered

Hi. I recently snookered myself: I build OpenSSH on an old box that didn't have /dev/random, but happened to be running prngd at the time for other reasons. Because I wanted to use commands, I configured --with-rand-helper, however configure found the prngd socket and built ssh-rand-helper to use it exclusively. Next reboot: no prngd, no random seed, no sshd. Do not log in, do not

https://bugzilla.mindrot.org/show_bug.cgi?id=1781 Summary: Document how to use Solaris 10 /dev/random Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Documentation AssignedTo: unassigned-bugs at mindrot.org

Hi, when running OpenSSH with EGD as entropy source, the sshd server connects to the EGD socket and leaves it open to re-seed on the fly. Unfortunately the connection is not checked when re-seeding, so that a failure or restart of EGD will lead to a "fatal()" abort of the sshd server process. Since a dying server process can not be accepted, I would recommend to not have sshd call it

There are a couple of issues regarding egd support in OpenSSH. 1) SIGPIPE is not ignored for the master listener daemon. I put the signal() call early on since it needs to be before get_random_bytes() is called but it could also be placed in the EGD version of get_random_bytes(). For some reason, with prngd I am getting SIGPIPE even though the prngd processes is not dying.

EGD 0.7 was released this weekend and I would highly recommend that everyone here that uses EGD upgrades. While doing some research last week I found a typo in the add_entropy() function that prevented any new entropy from being introduced into the system (in other words the entropy pool was a recursive hash of 0's). If the commands return in the same order, then the output bits are in

I have successfully compiled OpenSSH 3.1p1 for the following systems: Solaris 8 Solaris 7 Irix 6.5.14 Irix 6.5.4 SunOS 4.1.3_U1 Unfortunately, the new sshd is not working on any of the above systems with the exception of Solaris 7. (I then put the Solaris 7 executables on Solaris 8, and they worked there too.) This is the error I'm getting: $ /usr/etc/sshd -D -d -d -d debug3: Seeing PRNG

On Thu, Jan 13, 2000 at 17:34:10, Andre Lucas wrote: > Subject: /dev/urandom > On Thu, Jan 13, 2000 at 09:24:01AM -0700, SysProg - Nathan Paul Simons wrote: > > On Thu, 13 Jan 2000, Ben Taylor wrote: > > > > > On Thu, 13 Jan 2000, Max Shaposhnikov wrote: > > > > why ssh1.27 doesn't requre /dev/urandom on solaris? > > > > i think the

Just tried out ssh in pre13, and still get the EGD problem? :( new-relay:/usr/slocal/src/openssh-1.2pre13> ./ssh -l marc atelier The authenticity of host 'atelier.acadiau.ca' can't be established. Key fingerprint is 1024 ef:36:b5:f8:a3:bb:14:4d:a9:4b:f2:90:9a:bd:bb:00. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added

I have a need to have the same OpenSSH binaries run on multiple machines which are administered by different people. That means on Solaris, for example, there will be some with /dev/random, some on which I can run prngd because they'll be installing my binaries as root, and some which will have neither because they will be only installed as non-root. Below is a patch to enable choosing all 3

Hi! I have just made the 0.9.0 release of PRNGD available. PRNGD is the Pseudo Random Number Generator Daemon. It has an EGD compatible interface and is designed to provide entropy on systems not having /dev/*random devices. Software supporting EGD style entropy requests are openssh, Apache/mod_ssl, Postfix/TLS... Automatic querying of EGD sockets at fixed locations has been introduced in the

Before I actually implement the small changes needed to allow the location of ssh-rand-helper to be specified in the config file, I'd like to check that in doing so I won't be opening up a huge security hole. My brief reading of the code suggests that in entropy.c:seed_rng() the ssh-rand-helper is run as the original uid (for binaries which were setuid in the first place of course), so I

a small fix for the PRNG/EGD section -- Tim Rice Multitalents (707) 887-1469 tim at multitalents.net -------------- next part -------------- --- openssh_cvs/configure.in.old Tue Feb 27 12:56:06 2001 +++ openssh_cvs/configure.in Tue Feb 27 16:54:48 2001 @@ -5,6 +5,7 @@ AC_CONFIG_HEADER(config.h) AC_PROG_CC AC_CANONICAL_HOST +AC_C_BIGENDIAN # Checks for programs. AC_PROG_CPP @@ -1279,14

[NOTE: I'm new to this list and this is my first approach to OpenSSH code.] I've enhanced "--with-prngd-port=PORT" flag to accept an optional hostname as in "myhost:myport", e.g.: % ./configure --with-prngd-port=example.com:12345 Although I'm certain that this may cause big trouble if remote gatherer isn't online (ssh will refuse to open any connection) I

FYI. Maybe ppl with access to Solaris can look at this. Niels. From: mark at salfrd.ac.uk (Mark Powell) Newsgroups: comp.security.ssh Subject: Re: openssh on a non-PAM system? Date: 6 Dec 1999 14:10:21 -0000 Message-ID: <82gg4d$15ta$1 at plato.salford.ac.uk> In article <x7zovrqhrv.fsf at bombadil.nic.net>, Dan Lowe <dan at bombadil.nic.net> wrote: >mark at salfrd.ac.uk

http://bugzilla.mindrot.org/show_bug.cgi?id=269 Summary: OpenSSH doesn't compile with dynamic OpenSSL libraries Product: Portable OpenSSH Version: -current Platform: UltraSparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: openssh-unix-dev at

Hello, I have installed OpenSSH 2.3.0p1 on a DEC AlphaServer 4000 under Tru64 UNIX 4.0F and on a DEC AlphaStation 200 under Tru64 UNIX 5.1. I tested Protocol 2 and 1 with RAS authentication resp. DSA authentication an both work well. There is one bug: I cannot view the man pages for OpenSSH under Compaq Tru64 UNIX. Are they in a special format which is not understood by the Tru64 UNIX man