Proving OpenSSH 3.4p1 is using /dev/urandom (Solaris 9 ossh Vs OpenBSD ossh)

From: Surinder S. Dio (S.S.Dio@gre.ac.uk)
Date: 07/21/02


Date: Sun, 21 Jul 2002 16:59:55 +0100
From: "Surinder S. Dio" <S.S.Dio@gre.ac.uk>
To: focus-sun@securityfocus.com

hi,

I've been scratching my head with this for a while and I suspect I'm
going to look pretty silly when someone points out an obvious
answer.

[Please forgive my inexact uses of terms like randomness.]

I've had my battles with using a randomness generator under Solaris.
Over the years while compiling up OpenSSH I've used AndiRAND, egd,
PRNGD and now latterly the native /dev/random from Solaris 8 (via
patch 112438) and the default one with Solaris 9.

I mostly use PRNGD on my Solaris boxes and want to move away to
using the native /dev/random devices under Solaris 8 & 9. However I
want to be sure that the device is being used and that I'm getting
the best "randomness" and not using the built in generator in
OpenSSH (which I understand is not as good a source of "randomness").

I installed the ssh that comes with Solaris 9 and checked with lsof
and lo and behold; it is using /dev/urandom

sshd 496 root 3r VCHR 190,1 0t400 56050 /devices/pseudo/random@0:urandom

I then compiled and installed OpenSSL 0.9.6d and OpenSSH 3.4p1;
prefixing it into a temporary directory; without specifying any of
the --with-prngd-* options; assuming that /dev/urandom would be used
automatically.

However lsof does not show it being used as above. So I assumed that
there must be another configure option; version 3.4p1 didn't seem to
have any others, though a search of the web indicated that earlier
versions allowed --with-random; so I tried
--with-random=/dev/urandom.

Again lsof indicated that it wasn't being used.

So either I'm compiling up OpenSSH incorrectly, or the Sun SSH is
significantly different or I'm misunderstanding my lsof output or
something else :-(

Could someone point out how I can guarantee that /dev/urandom is being
used and how the Sun version managed to use it. Am I missing a
compile/configure option?

Many thx
Surinder
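
An lsof listing like the one in the post is a snapshot of descriptors a process holds at that instant, so a program that opens the device, reads its seed and closes it leaves nothing to list. The sketch below is an added example, not part of the original post, and it makes no claim about what OpenSSH 3.4p1 or Sun's SSH do internally; the function names are hypothetical. It matches descriptors by device major,minor, the same pair lsof prints in its DEVICE column.

```python
import os
import stat

DEVICE = "/dev/urandom"  # device named in the post


def device_id(path=DEVICE):
    """Return (major, minor) of a character device, as in lsof's DEVICE column."""
    st = os.stat(path)
    if not stat.S_ISCHR(st.st_mode):
        raise ValueError(f"{path} is not a character device")
    return os.major(st.st_rdev), os.minor(st.st_rdev)


def held_fds(path=DEVICE, max_fd=256):
    """List this process's open descriptors that refer to the given device."""
    wanted = device_id(path)
    found = []
    for fd in range(max_fd):
        try:
            st = os.fstat(fd)
        except OSError:
            continue  # descriptor number not in use
        dev = (os.major(st.st_rdev), os.minor(st.st_rdev))
        if stat.S_ISCHR(st.st_mode) and dev == wanted:
            found.append(fd)
    return found


def seed_and_close(nbytes=32):
    """Read seed bytes and close at once: a later snapshot shows nothing."""
    fd = os.open(DEVICE, os.O_RDONLY)
    try:
        return os.read(fd, nbytes)
    finally:
        os.close(fd)


def seed_and_keep(nbytes=32):
    """Read seed bytes but keep the descriptor: the device stays listed."""
    fd = os.open(DEVICE, os.O_RDONLY)
    return fd, os.read(fd, nbytes)


if __name__ == "__main__":
    print("read-and-close:", len(seed_and_close()), "bytes, held:", held_fds())
    fd, seed = seed_and_keep()
    print("keep-open:     ", len(seed), "bytes, held:", held_fds())
    os.close(fd)
```

A system-call trace (truss on Solaris) records the open of the device itself, which a snapshot of open files cannot.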


