EGD requirement a show stopper for me

Dave Dykstra dwd at bell-labs.com
Tue Feb 1 01:29:41 EST 2000


On Mon, Jan 31, 2000 at 11:18:43AM +0000, Andre Lucas wrote:
> Andrew Stribblehill wrote:
> 8<
> > If we assume that sshd is around all the time, there is no way for
> > local users to login to other machines whilst disallowing ssh
> > logins to localhost. (A sort of runlevel-2 state.) If it's
> > considered that this is of minority interest, perhaps PRNG stuff
> > /should/ be compiled in.
> > 
> Good point. The prng code would need to be linked into ssh as well as
> sshd - as it is in ssh-1.2.27 - and the state would be picked up from a
> file. The biggest problem I see with that would be that the ssh
> executable would have to be setuid <whatever> to access the seed and key
> files if there was no other program running to manage this.
> 
> IMHO the best way is indeed to have a standalone daemon. Reading output
> from a pipe, it's as close to a portable random device as we're likely
> to get. EGD is good, but because it's written in Perl it's slow and big.
> With a C prng as a separate program it should be easier to maintain, and
> it would be easier to protect the statefiles that Yarrow wants. I can't
> think of a reason why it would have to run as root, either.

In my case, I have many users who run a non-setuid ssh (1.2.27) client on
machines that do not have sshd running.

I do not understand why people seem to dislike the idea of generating the
initial random number from an entropy source and from then on saving a seed
in a file.  That's what ssh 1.2.27 and PGP do; have they been criticized
for that?  Sure it's a problem if somebody is able to break into your
machine and read the seed file, but if somebody can do that then all bets
are off anyway.  GnuPG also does not save anything in a seed file, so there
must be something to it.  Perhaps people are worried about physical seizing
of hardware; I'm not worried about that, and besides I don't see how that
would be an issue for OpenSSH because it has nothing to protect once the power
has been turned off on a machine thus tearing down all SSH sessions.  GnuPG
is different in that respect because if somebody seized the seed file they
may be able to guess what random key was used to encrypt data in a file.

- Dave Dykstra
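
The seed-file scheme discussed in this message (seed once from an entropy source, then carry a seed in a file between runs), as an added example that is not part of the original post and is not code from ssh 1.2.27, PGP or OpenSSH. The function names, the use of SHA-512 for mixing, and the `fresh_entropy` parameter are assumptions made for illustration; the file is rewritten before the state is used, so a seed file read later does not equal any state that was handed out.

```python
import hashlib
import os
import stat
import tempfile

SEED_LEN = 64  # bytes; size of a SHA-512 digest


def load_seed(path):
    """Return the stored seed, or b"" if the file is missing or unsafe."""
    try:
        fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)  # refuse symlinks
    except OSError:
        return b""
    try:
        st = os.fstat(fd)
        # Only a regular file owned by us, with no group/other access.
        if (not stat.S_ISREG(st.st_mode) or st.st_uid != os.getuid()
                or st.st_mode & 0o077):
            return b""
        return os.read(fd, SEED_LEN)
    finally:
        os.close(fd)


def save_seed(path, seed):
    """Atomically replace the seed file; mkstemp creates it mode 0600."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")
    try:
        os.write(fd, seed)
        os.fsync(fd)
    finally:
        os.close(fd)
    os.replace(tmp, path)


def start_prng(path, fresh_entropy):
    """Mix the old seed with fresh input, store a new seed, return the state."""
    pool = hashlib.sha512(b"pool" + load_seed(path) + fresh_entropy).digest()
    # Stored seed and working state are separate one-way outputs of the pool.
    save_seed(path, hashlib.sha512(b"next-seed" + pool).digest())
    return hashlib.sha512(b"state" + pool).digest()


if __name__ == "__main__":
    # os.urandom stands in for whatever entropy source the host provides.
    seed_path = os.path.join(tempfile.mkdtemp(), "random_seed")
    print(start_prng(seed_path, os.urandom(32)).hex())
```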




