similar to: a question make me crazy

http://bugzilla.mindrot.org/show_bug.cgi?id=575 Summary: a bug make me crazy--PRNG is not seeded Product: Portable OpenSSH Version: -current Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: openssh-bugs at mindrot.org

Hi when i restart sshd I get PRNG is not seeded # /etc/init.d/sshd restart PRNG is not seeded # No idea as what is going on Thanks and Regards Kaushal

Hi, dovecot tries to use OpenSSL's PRNG to generate random numbers if there is no /dev/urandom found. Unfortunately, it is flawed in its present form, since the PRNG is not seeded before RAND_bytes() is called in src/lib/randgen.c (on systems which have /dev/urandom, OpenSSL automatically seeds its PRNG from the urandom device). Here's a patch to address this issue: it tries to seed

Hi, with current test releases SSL doesn't work anymore for me on AIX 4.3 with dovecot-0.99.10-test14. It worked with 0.99.9.1. dovecot: Jun 23 19:42:23 Info: Dovecot starting up imap-login: Jun 23 19:42:25 Fatal: RAND_bytes() failed: error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded imap-login: Jun 23 19:42:25 Fatal: RAND_bytes() failed: error:24064064:random number

This is likely a linux or ssh problem, but perhaps someone else on this list may have encountered it. I have run about 15,000 instances of rsync in the last year, (about 500 total hours of rsyncing) using ssh as a transport mechanism ( actually, I am running the dirvish backup wrapper, www.dirvish.org, around rsync). In all cases, I am pulling filesystems from a linux client to a linux backup

hi I am using Solaris 8 and installing the 3.8 openssh software that I received from www.sunfreeware.com I following the installation instruction see attachment but when I get to ssh-keygen -t rsa1 -f /usr/local/etc/ssh_host_key -N "" I get a PRNG is not seeded could you help me in this matter. Thank you for your cooperation. Spencer Crim

I upgraded from OpenSSH_3.0.2p1 to OpenSSH 3.4p1. Starting SSHD or ssh-keygen I'm getting the "PRNG is not seeded". I have verified that prngd is running and "egc.pl /var/spool/prngd/pool get" runs just fine reporting 32800 bits of entropy. My platform is Solaris 8 (sparc) and I downloaded binaries from www.sunfreeware.com. My guess is the build of OpenSSH 3.4.p1 is

Over the holidays, I intend to finally rid portable OpenSSH of the builtin entropy collection code. Here's what I intend to do: When init_rng is called, we'll check OpenSSL's RAND_status(). If this indicates that their PRNG is already seeded, we'll do nothing. This effectively detects platforms which have /dev/urandom (or similar) configured into OpenSSL. If OpenSSL isn't

On 05/25/2018 09:17 AM, Michal Privoznik wrote: >>> We should probably seed it with data from /dev/urandom, and/or the new >>> Linux getrandom() syscall (or BSD equivalent). > > I'm not quite sure that right after reboot there's going to be enough > entropy. Every service that's starting wants some random bits. But it's > probably better than what we

http://bugzilla.mindrot.org/show_bug.cgi?id=1149 Summary: Does not build on QNX Product: Portable OpenSSH Version: 4.3p1 Platform: ix86 OS/Version: other Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: bitbucket at mindrot.org ReportedBy: kraai at ftbfs.org

Hi All, First method:- >library(XML) >theurl <- "http://home.sina.com" >download.file(theurl, "tmp.html") >txt <- readLines("tmp.html") >txt <- htmlTreeParse(txt, error=function(...){}, useInternalNodes = TRUE) >g <- xpathSApply(txt, "//p", function(x) xmlValue(x)) >head(grep(" ", g, value=T)) [1] " |

On 05/29/2018 03:38 PM, Martin Kletzander wrote: > On Fri, May 25, 2018 at 09:37:44AM -0500, Eric Blake wrote: >> On 05/25/2018 09:17 AM, Michal Privoznik wrote: >> >>>>> We should probably seed it with data from /dev/urandom, and/or the new >>>>> Linux getrandom() syscall (or BSD equivalent). >>> >>> I'm not quite sure that right

It’s Centos 7 and I thought all I had to do was set up nsswitch.conf for it to work. cordially yours, Sina Owolabi Mob: +2348034022578 Skype: darkchild2011 On 9 Nov 2017, 4:24 PM +0100, Rowland Penny via samba <samba at lists.samba.org>, wrote: > On Thu, 9 Nov 2017 15:58:04 +0100 > Sina Owolabi <notify.sina at gmail.com> wrote: > > > Yes I did setup libnss_winbind.

On Sun, Jul 24, 2005 at 04:06:02PM +0200, Poul-Henning Kamp wrote: +> In message <20050724135738.GM46538@darkness.comp.waw.pl>, Pawel Jakub Dawidek writes: +> +> >We should probably test entropy quality on boot. +> >I've somewhere userland version of /sys/dev/rndtest/ which implements +> >FIPS140-2 tests for (P)RNGs. We can use put it into rc.d/ and warn users.

http://bugzilla.mindrot.org/show_bug.cgi?id=328 ------- Additional Comments From luc at suryo.com 2002-07-02 06:45 ------- This may not be a openssh problem.... If the openssh/openssl was compiled to use /dev/urandom (or /dev/random) and your system does not have the proper path installed to support /dev/urandom (or /dev/urandom) this is what you will see when you try to start sshd/ssh

Yes I did setup libnss_winbind. wbinfo -u and -g on the domain member both work: [root at testfsrv ~]# wbinfo -u SAMDOM\testakin SAMDOM\testsina SAMDOM\testigein SAMDOM\administrator SAMDOM\krbtgt SAMDOM\guest [root at testfsrv ~]# wbinfo -g SAMDOM\allowed rodc password replication group SAMDOM\enterprise read-only domain controllers SAMDOM\denied rodc password replication group SAMDOM\read-only

On Tue, May 29, 2018 at 10:06:25AM -0400, John Ferlan wrote: > > >On 05/29/2018 09:44 AM, Michal Privoznik wrote: >> On 05/29/2018 03:38 PM, Martin Kletzander wrote: >>> On Fri, May 25, 2018 at 09:37:44AM -0500, Eric Blake wrote: >>>> On 05/25/2018 09:17 AM, Michal Privoznik wrote: >>>> >>>>>>> We should probably seed it with

Aside from the replay attacks discussed, there are some other attack vectors on the cookie_session store. I appreciate (and admire!) Jeremy''s good humor on all of this: > Planting the seed here led to quick ripening and plenty of pesticide. > Thanks for the fish, all. > > jeremy Anyway, here''s what we came up with: 1. Brute Force SHA512 can be computed _very_ fast.

Hi List, Please I need to answer this question... I have a friendly organization profiling Linux software solutions as an alternative to a Windows-based back end. I've been asked to find out if there's an alternative to the Windows Rights Management service. Im curious though, if Samba 4 could integrate with it? Thanks!

Hello all, I tried OpenSSH versions 2.1.1p4, 2.2.0p1 and the latest snapshot briefly on 64-bit Irix 6.5.7f an 6.5.9m. Both times, no matter what I do, I'll get 'PRNG initialization failed -- exiting'. This happens with ssh-keygen (the keys aren't even generated yet, ssh binary etc.) It's clear that Irix etc. don't have a proper entropy pool like *BSD and Linux do, but