Bug 630

Summary: built-in ssh-rand-helper
Product: Portable OpenSSH
Reporter: Antti Tapaninen <aet>
Component: Miscellaneous
Assignee: OpenSSH Bugzilla mailing list <openssh-bugs>
Status: CLOSED WONTFIX    
Severity: normal    
Priority: P2    
Version: -current   
Hardware: All   
OS: All   
Attachments:
Description: This patch modifies ssh-rand-helper source, so that you can link randomness code statically, like OpenSSH 3.0.2p1 used to do as the only option.
Flags: none

Description Antti Tapaninen 2003-08-26 02:57:26 AEST
OpenSSH 3.1p1 introduced ssh-rand-helper, a subprocess to gather
randomness for legacy OSes that still don't have /dev/urandom. Sadly
here at HUT/CC as well we have a few mission critical servers that
need ssh-rand-helper, but static linking instead of an external
subprocess with hardcoded exec paths is preferred.
Comment 1 Antti Tapaninen 2003-08-26 02:59:15 AEST
Created attachment 373
This patch modifies ssh-rand-helper source, so that you can link randomness code statically, like OpenSSH 3.0.2p1 used to do as the only option.
Comment 2 Damien Miller 2003-08-26 10:51:54 AEST
Thanks, but we are trying to move the responsibility for randomness collection
further away from OpenSSH, rather than closer in. It just doesn't make sense for
each app to do its own entropy collection.

I'd prefer to deprecate ssh-rand-helper entirely and give all the responsibility
to OpenSSL, but that is a matter for another release :)
Comment 3 Antti Tapaninen 2003-08-26 23:32:51 AEST
Ah, that's good to hear. :) Maybe I'll glue out some issues with
prngd in the future and use it with OpenSSL, so that I won't
have to maintain an ugly patch like this anymore.
Comment 4 Damien Miller 2004-04-14 12:24:19 AEST
Mass change of RESOLVED bugs to CLOSED