Bug 380

Summary: SSH compiled to use EGD.PL won't start without it!!
Product: Portable OpenSSH Reporter: Adrian <list_7531>
Component: sshdAssignee: OpenSSH Bugzilla mailing list <openssh-bugs>
Status: CLOSED WONTFIX    
Severity: major    
Priority: P2    
Version: -current   
Hardware: UltraSPARC   
OS: Solaris   

Description Adrian 2002-08-05 05:20:20 AEST 
Hi,

I'm trying to start SSHD / SSH and they won't start. 

I am using version 3.4.1p1 which I compiled with the "with-rand-helper" option.
Unfortunately
my EGD.pl script is presently malfunctioning, and SSH and SSHD report "not
enough entropy" then quit.

I also get this problem with version 3.2.3.p3 which I compiled with the
"with-rand-helper" option.

Please let me know if you are able to add a "force-no-egd" option to make
SSH run using the SSH internal entropy routines (as if it had been compiled
without the "with-rand-helper" option).

(In the meantime, I should be able to compile another set of SSH programs,
without the "with-rand-helper" option.)

Would this issue make a denial-of-service situation possible?

Thanks,

Adrian
Comment 1 Damien Miller 2002-08-05 13:11:44 AEST 
If you configure it to use EGD/PRNGd then it is your responsability to ensure
that they work. 

If you want some sort of redundancy, then configure with the rand-helper, but
replace it with a script. This script could, for example, try query EGD but fall
back to the original ssh-rand-helper if it didn't work.
Comment 2 Damien Miller 2004-04-14 12:24:18 AEST 
Mass change of RESOLVED bugs to CLOSED