/dev/random is on your Solaris CD

Paul Allen paul.l.allen at boeing.com
Thu Apr 6 14:13:46 EST 2000

There was some discussion recently about the Solaris /dev/random
support that can be downloaded from Sun's patch archive as part of
a patch to the Sun Web Server 1.0 product.  The SUNWski package
is the interesting  bit that purports to provide /dev/random.

It was noted that domestic and international versions of the patch
existed and that only the international (no encryption) version 
was downloadable.  Nobody stepped forward to verify that the 
international version actually produced quality random data suitable
for using with strong encryption.

Well, I was bored, so I started rummaging in my pile of Solaris boxes.
In the Solaris 7 (11/99) server box, I found Sun Web Server 2.1, which
contains SUNWski.  Although this is a newer version of the product,
it contains the same 1.0 version of the SUNWski package as does the
105710-01 patch.

I've installed both the version of SUNWski from my CD and the one
from the patch and computed checksums of all the files.  They differ.
This could be due to trivial things like timestamps.  Or, it could
be actual differences in the software.  Without sources, who can tell?

I think I'm going to get my Solaris /dev/random support from the CD 
Sun sent me, rather than from a possibly-crippled downloaded version.  
If anybody knows that the SUNWski that's bundled with Sun Web Server 
2.1 is not secure, or if anybody can convince me that egd.pl is 
superior, I'm all ears.  (Absolutely not criticising egd.pl here!
It's worked fine in my testing over the last day or so.)

Paul Allen
Paul L. Allen           | voice: (425) 865-3297  fax: (425) 865-2964
Unix Technical Support  | paul.l.allen at boeing.com
Boeing Phantom Works Math & Computing Technology Site Operations,
POB 3707 M/S 7L-68, Seattle, WA 98124-2207

More information about the openssh-unix-dev mailing list