Re: PRNGD and ssh-rand-helper

From: Darren Tucker (dtucker_at_dodgy.net.au)
Date: 05/24/03

• Next message: armin walland: "Re: Bad Host Name"
• Previous message: Nico Kadel-Garcia: "Re: X Server"
• In reply to: Chad Johnson: "PRNGD and ssh-rand-helper"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sat, 24 May 2003 01:18:58 GMT

In article <f5fb93bc.0305230621.1156fc86@posting.google.com>,
Chad Johnson <cmjohnson@uslec.com> wrote:
>Is there a way to specify to the sshd program to use prngd instead of
>ssh-rand-helper or must I recompile? I would really like to avoid
>having to recompile.
>
>The main problem is performance.

You could make sure both ends have clean name resolution (put then both
in each other's hosts file if you have to).

You can use SSH Protocol 1 (eg "ssh -1") which is faster but less
secure.

I know you said you didn't want to recompile, but recompiling both
openssl and openssh with SPARC v8 instructions (-mcpu=v8 or
-mcpu=ultrasparc if you're using gcc) will make a noticable difference.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

• Next message: armin walland: "Re: Bad Host Name"
• Previous message: Nico Kadel-Garcia: "Re: X Server"
• In reply to: Chad Johnson: "PRNGD and ssh-rand-helper"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: [Full-Disclosure] OpenSSL - dynamically linked binaries? ... I recently recompiled my mod_ssl apache box and php.... ... for the openssl ... had to recompile both php and apache to get the updated linkage... ... Honza Vlach wrote: ... (Full-Disclosure) [Full-Disclosure] OpenSSL problem: is mod_ssl also vulnerable? ... > The key to the openssl issue is the same here, get fixed openssl sources, ... > and recompile with them as the reference bases just as with mod-ssl ... > of whther there is a new mm package available. ... openssl libraries and as long as your apache daemon is ... (Full-Disclosure) R: OpenSSL Vulnerability and OpenSSH ... recompile Apache+mod_ssl ... Oggetto: RES: OpenSSL Vulnerability and OpenSSH ... applications using OpenSSL to provide SSL or TLS...", i did it (apache, ... libcrypto. ... (Vuln-Dev) Re: openssl 0.9.8 breaking things ... >> Just upgraded to openssl 0.9.8 and things are breaking, ... > you need to recompile your software against new ... (freebsd-questions) [Full-Disclosure] OpenSSL - dynamically linked binaries? ... I have upgraded my servers to latest OpenSSL version and ... else should I recompile. ... The thing, that confuses me lot is, when I ... look on the phpinfo, it says "OpenSSL version 0.9.7c", which it ... (Full-Disclosure)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint