EGD requirement a show stopper for me

Carl Brewer carl at bl.echidna.id.au
Fri Jan 28 10:12:54 EST 2000 

> Date: Fri, 28 Jan 2000 10:05:00 +1100 (EST)
> From: Damien Miller <djm at mindrot.org>
> To: Dave Dykstra <dwd at bell-labs.com>
> Cc: openssh-unix-dev at mindrot.org
> Subject: Re: EGD requirement a show stopper for me
> X-Paranoia: just because you're paranoid doesn't mean they aren't out to get you
> MIME-Version: 1.0
> 
> > The memory requirement isn't the worse problem for me:  I currently
> > distribute the ssh 1.2.27 client via a non-root user id *very* widely
> > throughout my company (on 8 unix variants), and there isn't any reasonable
> > way for me to start a shared long-running process on every machine that may
> > run ssh.  It's not a problem for the machines that are running sshd, since
> > that has to run as root anyway, but it is a big problem on machines that
> > run the ssh client only.  I could start a shared processes on the servers
> > that receive the distribution under my non-root user id, but that doesn't
> > help for all the workstations that nfs-mount the package from servers.
> 
> I have received a patch to enable the EGD support in OpenSSH to
> use a TCP socket for communications with EGD. This would allow
> multiple users on a machine to share a single instance of
> EGD. Though I wouldn't recommend it be used over a network.
> 
> > I need a mechanism like the one used in commercial ssh, where the random
> > seed is saved in a file.
> 
> Sun do have a random driver which may be of use:
> 
> BH> You can install the SUNWski package. It comes with the sun webserver on the
> BH> SEAS cd. It's still not a kernel random like linux though. It has a stand
> BH> alone daemon like the perl package. I think it's a little lighter though.
> 
> BH>    PKGINST:  SUNWski
> BH>       NAME:  SKI 1.0 Software (User Package)
> BH>   CATEGORY:  application
> BH>       ARCH:  sparc
> BH>    VERSION:  1.0,REV=1998.09.24.00.00
> BH>    BASEDIR:  /
> BH>     VENDOR:  Sun Microsystems
> BH>       DESC:  SKI Software (User Package)
> BH>     PSTAMP:  mcm-ultra1>Fri Dec  4 14:23:39 PST 1998
> BH>   INSTDATE:  Jan 07 2000 16:32
> BH>     VSTOCK:  258-6422-05
> BH>    HOTLINE:  Please contact your local service provider
> BH>     STATUS:  completely installed
> BH>      FILES:     36 installed pathnames
> BH>                 10 shared pathnames
> BH>                  4 linked files
> BH>                 11 directories
> BH>                 16 executables
> BH>               3173 blocks used (approx)

I can personally verify that this works on SunOS 5.6 through to 5.8 beta
with OpenSSH.  Also, if you have a sunsolve account, you can get it from
a Sun patch, just do a search for SUNWski on sunsolve and grab that
patch, the patch contains SUNWski and then install it.

Carl

More information about the openssh-unix-dev mailing list