Hosting Provided By

Re: Clarification: OpenSSH entropy sources?

From: Ben Lindstrom <mouring(at)etoh.eviladmin.org>
Date: Fri May 02 2003 - 14:38:33 EDT

OpenSSH does the following behavior.

Checks of OpenSSL can seed itself. If can use it.
If it can't and no ssh prng helper is configured, fail.
if ssh prng helper is configured try to use it.
if ssh prng helper can not produce enough, fail.

So it will always try and use OpenSSL provided entropy before trying the ssh-prng-helper. This provides the ability for platforms like Solaris that just gained a /dev/random to use it without a recompile.

On Fri, 2 May 2003, Jonathan Sturges wrote:

> I got no reply from comp.security.ssh so I'm forwarding it to the list.
Received on Fri May 2 15:06:53 2003

This message: [ Message body ]
Next message: Ben Lindstrom: "Re: Restricting sshd connections by server key file"
Previous message: Karl Tipple: "ssh help - Red Hat LINUX 7.3"
In reply to Jonathan Sturges: "Clarification: OpenSSH entropy sources?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:58 EDT