RE: SSH / SSH-KEYGEN / PRNGD SEED

Arndt.WA_at_forces.gc.ca
Date: 01/22/04

Next message: Atro Tossavainen: "Re: ssh .vs. rsh"

Previous message: Dominik Schleich: "Re: Disable ssh login + enable scp for specific users."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: Anthony.Vaccaro@astrazeneca.com
Date: Thu, 22 Jan 2004 08:40:38 -0500

Comments/suggestions inline below...

<snip>
> > # ssh-keygen -t rsa1 -f /usr/local/etc/ssh_host_key -N ""
> > PRNG is not seeded
> >
> > # ssh-keygen -t dsa -f /usr/local/etc/ssh_host_dsa_key -N ""
> > PRNG is not seeded
> >
> > # ssh-keygen -t rsa -f /usr/local/etc/ssh_host_rsa_key -N ""
> >
> > PRNG is not seeded
> > At this point I downloaded the prngd-0.9.25-sol8-sparc-local.gz and
> > installed it.
> > Still the problem persists.
> > Could you advise me what I am doing wrong .

Tony,

I suspect you forgot to create "seed file" for the prngd to use.
Try the following: (NOTE: paths below assume that you installed
prngd in the default location.

i. prngd requires some data to initialize with (known as a seed).
Create a seed file by performing the following commands:
cat /var/adm/messages > /usr/local/etc/prngd/prngd-seed
cat /var/adm/wtmpx >> /usr/local/etc/prngd/prngd-seed

ii. Create a directory in /var/spool for prngd to use
mkdir /var/spool/prngd

iii. Start prngd
/usr/local/sbin/prngd /var/spool/prngd/pool

iv. If prngd has started properly, it will be generating entropy.
Check this by running the following command:
/usr/local/bin/egc.pl /var/spool/prngd/pool get

NOTE - You'll need PERL installed and you'll also need to get the
precompiled binary for Solaris of the egd for step iv to work.
Install it with the following command:
pkgadd -d egd*local

ADDITONAL NOTE: If egd is installed properly, the output from the
command in step iv should look something like this:
32800 bits of entropy in pool

> > Regards,
> > Tony

Hope this helps,
Alex

Next message: Atro Tossavainen: "Re: ssh .vs. rsh"

Previous message: Dominik Schleich: "Re: Disable ssh login + enable scp for specific users."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: PRNG not seeded
... booboo wrote: ... > Now whatever I try to do, I get 'PRNG not seeded'. ... install this: ... I've seen NTU lights glitter in the dark near the Mail Gate. ...
(comp.unix.solaris)
FW: Re: SSH / SSH-KEYGEN / PRNGD SEED
... install the correct openssh and openssl gz files for sparc solaris 8 and ... Tony ... > PRNG is not seeded ...
(SSH)
JPs SSH binaries
... this server. ... PRNG is not seeded ... file that should be there if prngd started correctly (from what I have ... that it was NOT necessary to install the EGD package......is that ...
(comp.unix.sco.misc)
Re: newby - installing openssh 3.6.1p2 on solaris 8
... > PRNG is not seeded ... Install /dev/random on your machine with sun patch 112438-01 ... < This line left intentionally blank to confuse you. ...
(comp.security.ssh)
RE: fedora-list Digest, Vol 12, Issue 203
... >the Install programs app to get all the Development stuff at once. ... >Yes, I have tried running it from the command line, it just died with no ... >which defaulted to LVM use on a single drive. ... > O splendente, che vieni dalle sorgenti del Nilo, ...
(Fedora)