Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. OpenSSH>
  3. Bugs
[Bug 630] built-in ssh-rand-helper
bugzilla-daemon at mindrot
Aug 25, 2003, 8:57 AM
Post #1 of 4 (697 views)
Permalink
http://bugzilla.mindrot.org/show_bug.cgi?id=630

Summary: built-in ssh-rand-helper
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Miscellaneous
AssignedTo: openssh-bugs@mindrot.org
ReportedBy: aet@cc.hut.fi


OpenSSH 3.1p1 introduced ssh-rand-helper, a subprocess to gather
randomness for legacy OS's that still don't have /dev/urandom. Sadly
here at HUT/CC as well we have a few mission critical servers that
need ssh-rand-helper, but a static linking instead of external
subprocess with hardcoded exec paths is preferred.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 630] built-in ssh-rand-helper [ In reply to ]
bugzilla-daemon at mindrot
Aug 25, 2003, 8:59 AM
Post #2 of 4 (686 views)
Permalink
http://bugzilla.mindrot.org/show_bug.cgi?id=630





------- Additional Comments From aet@cc.hut.fi 2003-08-26 02:59 -------
Created an attachment (id=373)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=373&action=view)
This patch modifies ssh-rand-helper source, so that you can link randomness
code staticly, like OpenSSH 3.0.2p1 used to do as only option.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 630] built-in ssh-rand-helper [ In reply to ]
bugzilla-daemon at mindrot
Aug 25, 2003, 4:51 PM
Post #3 of 4 (683 views)
Permalink
http://bugzilla.mindrot.org/show_bug.cgi?id=630

djm@mindrot.org changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WONTFIX



------- Additional Comments From djm@mindrot.org 2003-08-26 10:51 -------
Thanks, but we are trying to move the responsability for randomness collection
further away from OpenSSH, rather than closer in. It just doesn't make sense for
each app to do its own entropy collection.

I'd prefer to deprecate ssh-rand-helper entirely and give all the responability
to OpenSSL, but that is a matter for another release :)



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 630] built-in ssh-rand-helper [ In reply to ]
bugzilla-daemon at mindrot
Aug 26, 2003, 5:32 AM
Post #4 of 4 (683 views)
Permalink
http://bugzilla.mindrot.org/show_bug.cgi?id=630





------- Additional Comments From aet@cc.hut.fi 2003-08-26 23:32 -------
Ah, that's good to hear. :) Maybe I'll glue out some issues with
prngd in the future and use it with OpenSSL, so that I won't
have to maintain ugly patch like this anymore.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal