Clarification: OpenSSH entropy sources?
From: Jonathan Sturges (jonathan_at_sprintmail.com)
Date: 05/02/03
- Previous message: N Powell: "X11 forwarding -Doh!"
- Next in thread: Ben Lindstrom: "Re: Clarification: OpenSSH entropy sources?"
- Reply: Ben Lindstrom: "Re: Clarification: OpenSSH entropy sources?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <secureshell@securityfocus.com>
Date: Fri, 2 May 2003 11:45:48 -0400
I got no reply from comp.security.ssh, so I'm forwarding it to the list.
Any straight answers on this would be tremendously appreciated.
thanks,
Jonathan
> I am building OpenSSL 0.9.7b and OpenSSH 3.6.1p1 under Solaris 8. My
> OpenSSL is configured to use the Solaris /dev/random supplied in 112438-01.
>
> With OpenSSH 3.6.1p1, how are entropy sources handled? During
> configuration, it identifies that OpenSSL's PRNG is internally seeded;
> this is true, due to the existence of /dev/random.
>
> But, my confusion comes from the use of OpenSSH's rand-helper. If you run
> "configure" with "--with-rand-helper", at the end of the configuration you
> get:
>
> Random number source: ssh-rand-helper
> ssh-rand-helper collects from: Command hashing (timeout 200)
> ...
>
> WARNING: you are using the builtin random number collection
> service. Please read WARNING.RNG and request that your OS
> vendor includes kernel-based random number collection in
> future versions of your OS.
>
>
> ...which sounds worrisome. It sounds like it will never use OpenSSL's
> internal source (i.e., /dev/random) at all.
> But if you use "--without-rand-helper" you get:
>
> Random number source: OpenSSL internal ONLY
>
>
> So the question is, is OpenSSH with rand-helper enabled ignoring the fact
> that OpenSSL has an entropy source, or will it try to use OpenSSL's
> internal source and just "fall back" to ssh-rand-helper if need be? I saw
> a previous post where someone says the latter is true; however, the
> warning you get at configuration time makes me think it's only trying to
> use ssh-rand-helper and never tries OpenSSL's internal source. OTOH, I
> never get "PRNG not seeded" messages, so maybe it isn't starving for
> entropy.
> Can someone explain what is really happening?
>
> thanks!
> Jonathan
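An added example, not part of the original post and not code from OpenSSH or OpenSSL: a POSIX shell script that reproduces, outside of "configure", the decision the post is asking about. As the post describes it, configure reports "OpenSSL internal ONLY" when OpenSSL's PRNG can seed itself from a kernel random device such as the Solaris /dev/random, and otherwise selects ssh-rand-helper. This script puts the same question to the device itself (does it exist, is it readable, does a sample look like randomness) and prints which source would apply. The device path argument, the /dev/urandom default, the 32-byte sample and the "more than 8 distinct byte values" threshold are all assumptions of this example, not anything OpenSSH or OpenSSL does; on a Solaris 8 box with 112438-01 you would pass /dev/random.

```shell
#!/bin/sh
# Added example; not code from the original post, OpenSSH or OpenSSL.
# Reproduces, outside of "configure", the decision the post asks about:
# "OpenSSL internal ONLY" when a kernel random device can seed OpenSSL's
# PRNG, otherwise fall back to ssh-rand-helper.  The device is asked
# directly: does it exist, is it readable, does a sample look random?
#
# Assumptions (the example's, not OpenSSH's): the device path is the
# first argument, defaulting to /dev/urandom so the script never blocks
# on a starved pool (on Solaris 8 with 112438-01 pass /dev/random); the
# sample is 32 bytes; only POSIX tools (dd, od, fold, sort, grep) are used.

# Print N bytes from DEV as one lowercase hex string.  Fail (print
# nothing) if DEV is not a readable character device or the read is short.
sample_hex() {
    dev=$1
    n=$2
    [ -c "$dev" ] && [ -r "$dev" ] || return 1
    hex=$(dd if="$dev" bs="$n" count=1 2>/dev/null | od -An -tx1 | tr -d ' \n')
    # A short read means too little material to seed from: treat as failure.
    [ ${#hex} -eq $((2 * n)) ] || return 1
    printf '%s\n' "$hex"
}

# Count distinct byte values in a hex string.  32 bytes from a working
# RNG show roughly 30 distinct values; a device stuck on one value
# (for example, all zeros) shows exactly 1.
distinct_bytes() {
    [ -n "$1" ] || { echo 0; return 0; }
    printf '%s\n' "$1" | fold -w 2 | sort -u | grep -c .
}

# The decision the configure banner summarises, as a function of the
# device: "openssl-internal" when the device can seed OpenSSL,
# "ssh-rand-helper" when it cannot (missing, unreadable, short read, or
# degenerate output).
rng_source() {
    dev=${1:-/dev/urandom}
    hex=$(sample_hex "$dev" 32) || { echo ssh-rand-helper; return 0; }
    if [ "$(distinct_bytes "$hex")" -gt 8 ]; then
        echo openssl-internal
    else
        echo ssh-rand-helper
    fi
}

# Usage: sh rngcheck.sh [device]
rng_source "${1:-/dev/urandom}"
```

Run it as `sh rngcheck.sh /dev/random` on the machine being built. Every failure mode (device absent, unreadable, short read, sample with almost no distinct byte values) maps to ssh-rand-helper, which is the conservative direction: it is the case in which the builtin collection service, with the warning quoted above, would be the only source.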