EGD requirement a show stopper for me

Damien Miller djm at mindrot.org
Fri Feb 4 11:44:07 EST 2000


On Thu, 3 Feb 2000, Andre Lucas wrote:

> On Wed, Feb 02, 2000 at 07:23:49PM +1100, Damien Miller wrote:
> 
> 8<
> > It would be great if someone could resurrect some of the entropy
> > gathering hooks from ssh-1.2.16 and combine them with the pool
> > functions of a Yarrow modified to use OpenSSL's crypto routines.
> > 
> 
> I've got Yarrow0.8.71 ported over from Win32, and I'm just moving the
> hooks. Before I do that, can you confirm that we can use stuff from ssh
> version 1.2.16? The openssh ssh manpage talks about 1.2.12. I can't find
> a copy 1.2.12 to compare.

Wow - well done! I think that it was ssh-1.2.16 that was used as the
basis for OpenSSH, but I am not 100%

In any case you can retrieve what the OpenBSD team started with:

cvs -z9 -d ":pserver:anoncvs at anoncvs1.usa.openbsd.org:/cvs" co -r 1.1 -d ssh-import src/usr.bin/ssh

This includes the random hooks.

> >From what I've seen, it shouldn't be too much work to port the crypto to
> openssl. Yarrow-0.8.71 only seems to use SHA-1 (no three key triple-DES
> as in the paper.)

Excellent. Yell if you want a hand.

Thanks again,
Damien 

--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: djm at mindrot.org (home) -or- djm at ibs.com.au (work)








More information about the openssh-unix-dev mailing list