Re: Open SSH v3.6.1p1

From: Max Gregis (mgregis@sorint.it)
Date: 04/15/03

    Date: Tue, 15 Apr 2003 09:44:36 +0200
    From: Max Gregis <mgregis@sorint.it>
    To: Alan Vidmar <Alan.Vidmar@Colorado.edu>
    
    

    Hi Alan,

    On my old Solaris 2.6 I used this compile option for using prngd:

    --with-prngd-socket=/some/file allows you to enable EGD or PRNGD
    support and to specify a PRNGd socket. Use this if your Unix lacks
    /dev/random and you don't want to use OpenSSH's builtin entropy
    collection support.

    After I compiled PRNGD I made these steps:

    # cp -p prngd /usr/local/bin
    # mkdir /usr/local/etc
    # mkdir /usr/local/etc/prngd
    # cat /var/log/syslog > /usr/local/etc/prngd/prngd-seed
    # cp -p prngd-0.9.25/contrib/Solaris-7/prngd.conf.solaris-7 /etc/prngd.conf

    # mkdir /var/spool/prngd

    Start PRNGD daemon as follows:

    # /usr/local/bin/prngd /var/spool/prngd/pool

    During the OpenSSH configure phase I used this option:

    --with-prngd-socket=/var/spool/prngd/pool

    The last configure messages should be something like this:

    .
    .
    .
    Translate v4 in v6 hack: no
                      BSD Auth support: no
                  Random number source: ssh-rand-helper
         ssh-rand-helper collects from: Unix domain socket "/var/spool/prngd/pool"

    and you can do:

    make
    make install

    Hope this helps you

    Max

    Monday, April 14, 2003, 9:55:43 PM, you wrote:

    AV> Hi All,

    AV> I'm trying to get Open SSH v3.6.1p1 to install on one of my AIX
    AV> 5.1.003 boxes.

    AV> I'm following the IBM tutorial: Deploying OpenSSH on AIX
    AV> http://www-1.ibm.com/servers/esdd/tutorials/aix_ssh/index.html

    AV> But of course using the most recent version of OpenSSL (0.9.7b)
    AV> and OpenSSH (3.6.1p1) due to the security problems with prior
    AV> versions. Also I'm using GCC v3.2.1 and PRNGD v0.9.27.

    AV> I've run into a snag when setting up the compiler for OpenSSH. I
    AV> cannot get the compiler options to use the PRNGD (Pseudo
    AV> Random Number Generator Daemon) instead of the OpenSSL
    AV> internal for the "Random number source".

    AV> Here is my config line: "./configure --sysconfdir=/etc/ssh --with-
    AV> prngd-socket=/dev/egd-pool -- with-pid-dir=/var/tmp"

    AV> I do have PRNGD running, so I'm not sure why it won't select it
    AV> correctly.

    AV> Any ideas?

    AV> TIA,
    AV> Alan

    AV> "I don't have time to be impatient."
    AV> Alan R. Vidmar Assistant Director of IT
    AV> Office of Financial Aid University of Colorado
    AV> Alan.Vidmar@Colorado.EDU (303)492-3598
    AV> *** This message printed with 100% recycled electrons ***
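
Added example, not part of the original messages: a small client that checks whether the socket passed to --with-prngd-socket actually answers the EGD protocol that PRNGD implements (command 0x00 reports the entropy level, command 0x01 n is a non-blocking read of n bytes). The `fake_prngd` daemon and the temporary socket path are constructed stand-ins so the block runs on a host without PRNGD.

```python
import os
import socket
import struct
import tempfile
import threading


def recv_exact(conn, n):
    """Read exactly n bytes or raise if the daemon closes the socket early."""
    buf = b""
    while len(buf) < n:
        chunk = conn.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("socket closed before full reply")
        buf += chunk
    return buf


def probe_egd(path, want=16, timeout=5.0):
    """Return (entropy_bits, random_bytes) from an EGD/PRNGD socket."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        s.connect(path)                      # raises OSError if no daemon is listening
        s.sendall(b"\x00")                   # 0x00: report entropy level
        (bits,) = struct.unpack(">I", recv_exact(s, 4))  # 4 bytes, big-endian bit count
        s.sendall(bytes([0x01, want]))       # 0x01 n: non-blocking read of n bytes
        got = recv_exact(s, 1)[0]            # daemon says how many bytes follow
        return bits, recv_exact(s, got)


def fake_prngd(path, ready):  # constructed stand-in daemon, serves one client
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as srv:
        srv.bind(path)
        srv.listen(1)
        ready.set()
        conn, _ = srv.accept()
        with conn:
            assert recv_exact(conn, 1) == b"\x00"
            conn.sendall(struct.pack(">I", 4096))      # constructed entropy level
            _cmd, n = recv_exact(conn, 2)
            conn.sendall(bytes([n]) + os.urandom(n))


def demo():
    path = os.path.join(tempfile.mkdtemp(), "pool")    # constructed path for the demo
    ready = threading.Event()
    threading.Thread(target=fake_prngd, args=(path, ready), daemon=True).start()
    ready.wait(5)
    return probe_egd(path)
```

Against a real daemon, call `probe_egd` with the same path given to --with-prngd-socket; a connection error or a zero entropy level means configure and ssh-rand-helper have nothing usable to read from.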

