On Fri, Sep 28, 2001 at 08:26:02AM -0700, Dave Thiede wrote:
>
> I have been experiencing problems with remote data collection systems
> reporting not enough entropy in RNG. It mostly seems to be self correcting
> since a retry of the data transport succeeds. One system however shows
> the following everytime an ssh connection is attempted. Interactive
> commands do not seem to be affected. I have perused the code but the
> entropy gatherer seems to be fairly simple and I see no reason for the
> commands to be mostly timing out. There must be some kind of timer in the
> ssh code to cause this that I haven't found yet.
>
> This system is running Solaris 5.7 with a really old version of openSSH as
> you can see. There are no X windows on these sysetms nor usually any
> keyboard interaction. I have a task to upgrade these systems but from the
> release notes, I don't have a very high confidence that an upgrade will
> solve this specific problem.
What are you using as an entropy source for SSH on this machine? You
should of course be aware that Solaris does not have a /dev/random or
/dev/urandom (bad Sun, bad!, no donut), and therefore an external entropy
source is required in order to use SSH on Solaris. There are several out
there, and I've never had any joy with either of them.
An entropy source is included with OpenSSH releases from 2.9 on. I find
this makes things much happier than trying to use any of the standalone
entropy gatherers like egd. In this case, upgrading very probably *will*
solve your problem.
--
Linux Now! .........Because friends don't let friends use Microsoft.
phil stracchino :: [EMAIL PROTECTED] :: [EMAIL PROTECTED]
unix ronin :::: renaissance man :::: mystic zen biker geek
2000 CBR929RR, 1991 VFR750F3 (foully murdered), 1986 VF500F (sold)
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
