* [Thomas Bushnell, BSG] > Ssh should provide a non-cryptographically secure mode (such as using > hashes of the low time bits, for example) for use on systems without a > real random bit source.
I believe it does even better, and provides a mode where it hashes the output of "ps aux" and suchlike. However, this mode has to be enabled at compile time and the commands it uses probably tweaked a bit to fit well into a GNU/Hurd system. OpenSSH also provides support for EGD/prngd, which also has to be enabled at compile time. (oh, and last I checked (1-2 years ago), Debian had no EGD or prngd packages, as they're pretty useless on Linux, so somebody would have to package one of those, too). Those wanting a good ssh package could spend their time writing a patch for the ssh package to use one of these approaches on the Hurd, instead of arguing about whether /bin/bash or /lib/libc.so.6 provides the best randomness for /dev/urandom. For the time being, telnet works quite well for me on my little home network with a completely headless Debian GNU/Hurd system. Oystein -- This message was brought to you by the letter � and the number e.
