RE: Apache/2.1.0-dev, mod_ssl and insufficient entry
JW, Do you really mean /usr/local/add-on/egd/bin/egd.pl ^ -tony -Original Message- From: J. W. Ballantine [mailto:[EMAIL PROTECTED] Sent: Thursday, June 19, 2003 6:37 AM To: [EMAIL PROTECTED] Subject: Apache/2.1.0-dev, mod_ssl and insufficient entry I tried this question with users and was directed here. If that is wrong, please let me know. Thanks I'm trying to start Apache/2.1.0-dev with mod_ssl enabled and all I keep getting is the dreaded: [Wed Jun 18 15:31:59 2003] [warn] Init: PRNG still contains insufficient entropy! [Wed Jun 18 15:31:59 2003] [error] Init: Failed to generate temporary 512 bit RSA private key Configuration Failed I understand that this is controlled by SSLRandomSeed in the httpd.conf file, and I've tried the following pairs to generate enough entropy: SSLRandomSeed startup exec:`/usr/local/add-on/egd/bin/egc.pl /etc/local/openssh/egd-pool` SSLRandomSeed connect exec:`/usr/local/add-on/egd/bin/egc.pl /etc/local/openssh/egd-pool` SSLRandomSeed startup egd:/etc/local/openssh/egd-pool SSLRandomSeed connect egd:/etc/local/openssh/egd-pool SSLRandomSeed startup file:/etc/local/openssh/httpd_ssl.seed SSLRandomSeed connect file:/etc/local/openssh/httpd_ssl.seed SSLRandomSeed startup builtin SSLRandomSeed connect builtin where /etc/local/openssh/httpd_ssl.seed was created by: /usr/local/add-on/egd/bin/egc.pl /etc/local/openssh/egd-pool read 255 and /etc/local/openssh/egd-pool is the socket from egd.pl ( which works fine with pnrgd for opensshd ). Any thoughts/pointers will be greatly appreciated. The cvs date is 20030612 and other info on httpd are: Server version: Apache/2.1.0-dev Server built: Jun 12 2003 12:14:31 Server version: Apache/2.1.0-dev Server built: Jun 12 2003 12:14:31 Server's Module Magic Number: 20030213:1 Architecture: 32-bit Server compiled with -D APACHE_MPM_DIR=server/mpm/prefork -D APR_HAS_MMAP -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) -D APR_USE_PROC_PTHREAD_SERIALIZE -D APR_USE_PTHREAD_SERIALIZE -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPED_LOGS -D HTTPD_ROOT=/local/APACHE/Apache2 -D SUEXEC_BIN=/local/APACHE/Apache2/bin/suexec -D DEFAULT_PIDLOG=logs/httpd.pid -D DEFAULT_SCOREBOARD=logs/apache_runtime_status -D DEFAULT_LOCKFILE=logs/accept.lock -D DEFAULT_ERRORLOG=logs/error_log -D AP_TYPES_CONFIG_FILE=conf/mime.types -D SERVER_CONFIG_FILE=conf/httpd.conf Compiled in modules: core.c mod_authn_file.c mod_authn_default.c mod_authz_host.c mod_authz_groupfile.c mod_authz_user.c mod_authz_default.c mod_auth_basic.c mod_include.c mod_log_config.c mod_env.c mod_setenvif.c mod_ssl.c prefork.c http_core.c mod_mime.c mod_status.c mod_autoindex.c mod_asis.c mod_cgi.c mod_negotiation.c mod_dir.c mod_imap.c mod_actions.c mod_userdir.c mod_alias.c mod_so.c
Re: Apache/2.1.0-dev, mod_ssl and insufficient entry
Yes, that is the name of the perl script that reads from the pool for seed generation. -- In Response to your message - Date: Thu, 19 Jun 2003 07:47:05 -0700 To: '[EMAIL PROTECTED]' [EMAIL PROTECTED] From: Bennett, Tony - CNF [EMAIL PROTECTED] Subject: RE: Apache/2.1.0-dev, mod_ssl and insufficient entry JW, Do you really mean /usr/local/add-on/egd/bin/egd.pl ^ -tony -Original Message- From: J. W. Ballantine [mailto:[EMAIL PROTECTED] Sent: Thursday, June 19, 2003 6:37 AM To: [EMAIL PROTECTED] Subject: Apache/2.1.0-dev, mod_ssl and insufficient entry I tried this question with users and was directed here. If that is wrong, please let me know. Thanks I'm trying to start Apache/2.1.0-dev with mod_ssl enabled and all I keep getting is the dreaded: [Wed Jun 18 15:31:59 2003] [warn] Init: PRNG still contains insufficient entropy! [Wed Jun 18 15:31:59 2003] [error] Init: Failed to generate temporary 512 bit RSA private key Configuration Failed I understand that this is controlled by SSLRandomSeed in the httpd.conf file, and I've tried the following pairs to generate enough entropy: SSLRandomSeed startup exec:`/usr/local/add-on/egd/bin/egc.pl /etc/local/openssh/egd-pool` SSLRandomSeed connect exec:`/usr/local/add-on/egd/bin/egc.pl /etc/local/openssh/egd-pool` SSLRandomSeed startup egd:/etc/local/openssh/egd-pool SSLRandomSeed connect egd:/etc/local/openssh/egd-pool SSLRandomSeed startup file:/etc/local/openssh/httpd_ssl.seed SSLRandomSeed connect file:/etc/local/openssh/httpd_ssl.seed SSLRandomSeed startup builtin SSLRandomSeed connect builtin where /etc/local/openssh/httpd_ssl.seed was created by: /usr/local/add-on/egd/bin/egc.pl /etc/local/openssh/egd-pool read 255 and /etc/local/openssh/egd-pool is the socket from egd.pl ( which works fine with pnrgd for opensshd ). Any thoughts/pointers will be greatly appreciated. The cvs date is 20030612 and other info on httpd are: Server version: Apache/2.1.0-dev Server built: Jun 12 2003 12:14:31 Server version: Apache/2.1.0-dev Server built: Jun 12 2003 12:14:31 Server's Module Magic Number: 20030213:1 Architecture: 32-bit Server compiled with -D APACHE_MPM_DIR=server/mpm/prefork -D APR_HAS_MMAP -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) -D APR_USE_PROC_PTHREAD_SERIALIZE -D APR_USE_PTHREAD_SERIALIZE -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPED_LOGS -D HTTPD_ROOT=/local/APACHE/Apache2 -D SUEXEC_BIN=/local/APACHE/Apache2/bin/suexec -D DEFAULT_PIDLOG=logs/httpd.pid -D DEFAULT_SCOREBOARD=logs/apache_runtime_status -D DEFAULT_LOCKFILE=logs/accept.lock -D DEFAULT_ERRORLOG=logs/error_log -D AP_TYPES_CONFIG_FILE=conf/mime.types -D SERVER_CONFIG_FILE=conf/httpd.conf Compiled in modules: core.c mod_authn_file.c mod_authn_default.c mod_authz_host.c mod_authz_groupfile.c mod_authz_user.c mod_authz_default.c mod_auth_basic.c mod_include.c mod_log_config.c mod_env.c mod_setenvif.c mod_ssl.c prefork.c http_core.c mod_mime.c mod_status.c mod_autoindex.c mod_asis.c mod_cgi.c mod_negotiation.c mod_dir.c mod_imap.c mod_actions.c mod_userdir.c mod_alias.c mod_so.c
RE: Apache/2.1.0-dev, mod_ssl and insufficient entry
So did changing it from egc.pl to egd.pl solve your insufficient entropy error ??? -tony -Original Message- From: J. W. Ballantine [mailto:[EMAIL PROTECTED] Sent: Thursday, June 19, 2003 8:06 AM To: [EMAIL PROTECTED] Subject: Re: Apache/2.1.0-dev, mod_ssl and insufficient entry Yes, that is the name of the perl script that reads from the pool for seed generation. -- In Response to your message - Date: Thu, 19 Jun 2003 07:47:05 -0700 To: '[EMAIL PROTECTED]' [EMAIL PROTECTED] From: Bennett, Tony - CNF [EMAIL PROTECTED] Subject: RE: Apache/2.1.0-dev, mod_ssl and insufficient entry JW, Do you really mean /usr/local/add-on/egd/bin/egd.pl ^ -tony -Original Message- From: J. W. Ballantine [mailto:[EMAIL PROTECTED] Sent: Thursday, June 19, 2003 6:37 AM To: [EMAIL PROTECTED] Subject: Apache/2.1.0-dev, mod_ssl and insufficient entry I tried this question with users and was directed here. If that is wrong, please let me know. Thanks I'm trying to start Apache/2.1.0-dev with mod_ssl enabled and all I keep getting is the dreaded: [Wed Jun 18 15:31:59 2003] [warn] Init: PRNG still contains insufficient entropy! [Wed Jun 18 15:31:59 2003] [error] Init: Failed to generate temporary 512 bit RSA private key Configuration Failed I understand that this is controlled by SSLRandomSeed in the httpd.conf file, and I've tried the following pairs to generate enough entropy: SSLRandomSeed startup exec:`/usr/local/add-on/egd/bin/egc.pl /etc/local/openssh/egd-pool` SSLRandomSeed connect exec:`/usr/local/add-on/egd/bin/egc.pl /etc/local/openssh/egd-pool` SSLRandomSeed startup egd:/etc/local/openssh/egd-pool SSLRandomSeed connect egd:/etc/local/openssh/egd-pool SSLRandomSeed startup file:/etc/local/openssh/httpd_ssl.seed SSLRandomSeed connect file:/etc/local/openssh/httpd_ssl.seed SSLRandomSeed startup builtin SSLRandomSeed connect builtin where /etc/local/openssh/httpd_ssl.seed was created by: /usr/local/add-on/egd/bin/egc.pl /etc/local/openssh/egd-pool read 255 and /etc/local/openssh/egd-pool is the socket from egd.pl ( which works fine with pnrgd for opensshd ). Any thoughts/pointers will be greatly appreciated. The cvs date is 20030612 and other info on httpd are: Server version: Apache/2.1.0-dev Server built: Jun 12 2003 12:14:31 Server version: Apache/2.1.0-dev Server built: Jun 12 2003 12:14:31 Server's Module Magic Number: 20030213:1 Architecture: 32-bit Server compiled with -D APACHE_MPM_DIR=server/mpm/prefork -D APR_HAS_MMAP -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) -D APR_USE_PROC_PTHREAD_SERIALIZE -D APR_USE_PTHREAD_SERIALIZE -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPED_LOGS -D HTTPD_ROOT=/local/APACHE/Apache2 -D SUEXEC_BIN=/local/APACHE/Apache2/bin/suexec -D DEFAULT_PIDLOG=logs/httpd.pid -D DEFAULT_SCOREBOARD=logs/apache_runtime_status -D DEFAULT_LOCKFILE=logs/accept.lock -D DEFAULT_ERRORLOG=logs/error_log -D AP_TYPES_CONFIG_FILE=conf/mime.types -D SERVER_CONFIG_FILE=conf/httpd.conf Compiled in modules: core.c mod_authn_file.c mod_authn_default.c mod_authz_host.c mod_authz_groupfile.c mod_authz_user.c mod_authz_default.c mod_auth_basic.c mod_include.c mod_log_config.c mod_env.c mod_setenvif.c mod_ssl.c prefork.c http_core.c mod_mime.c mod_status.c mod_autoindex.c mod_asis.c mod_cgi.c mod_negotiation.c mod_dir.c mod_imap.c mod_actions.c mod_userdir.c mod_alias.c mod_so.c