Clarification: OpenSSH entropy sources?

From: Jonathan Sturges (jonathan_at_sprintmail.com)
Date: 05/02/03

  • Next message: James and Shannon Woest: "Restricting sshd connections by server key file"
    To: <secureshell@securityfocus.com>
    Date: Fri, 2 May 2003 11:45:48 -0400
    
    

    I got no reply from comp.security.ssh so I'm forwarding it to the list.
    Any straight answers on this tremendously appreciated.

    thanks,
    Jonathan

    > I am building OpenSSL 0.9.7b and OpenSSH 3.6.1p1 under Solaris 8. My
    > OpenSSL is configured to use the Solaris /dev/random supplied in
    112438-01.
    >
    > With OpenSSH 3.6.1p1, how are entropy sources handled? During
    > configuration, it identifies that OpenSSL's PRNG is internally seeded;
    this
    > is true, due to the existence of /dev/random.
    >
    > But, my confusion comes from the use of OpenSSH's rand-helper. If you run
    > "configure" with "--with-rand-helper", at the end of the configuration you
    > get:
    >
    > Random number source: ssh-rand-helper
    > ssh-rand-helper collects from: Command hashing (timeout 200)
    > ...
    >
    > WARNING: you are using the builtin random number collection
    > service. Please read WARNING.RNG and request that your OS
    > vendor includes kernel-based random number collection in
    > future versions of your OS.
    >
    >
    > ...which sounds worrisome. It sounds like it will never use OpenSSL's
    > internal source (ie, /dev/random) at all.
    > But if you use "--without-rand-helper" you get:
    >
    > Random number source: OpenSSL internal ONLY
    >
    >
    > So the question is, is OpenSSH with rand-helper enabled ignoring the fact
    > that OpenSSL has an entropy source, or will it try to use OpenSSL's
    internal
    > source and just "fall back" to ssh-rand-helper if need be? I saw a
    previous
    > post where someone says the latter is true; however, due to the warning
    you
    > get at configuration time it makes me think it's only trying to use
    > ssh-rand-helper and never tries OpenSSL's internal source. OTOH, I never
    > get "PRNG not seeded" messages, so maybe it isn't starving for entropy.
    > Can someone explain what is really happening?
    >
    > thanks!
    > Jonathan
    >
    >


  • Next message: James and Shannon Woest: "Restricting sshd connections by server key file"