fatal: Not enough entropy in RNG

Lutz Jaenicke Lutz.Jaenicke at aet.TU-Cottbus.DE
Fri Jul 21 17:25:49 EST 2000

On Thu, Jul 20, 2000 at 02:16:28PM -0700, dabe_spam at excite.com wrote:
> >What kind of entropy source did you select? EGD or the integrated
> >entropy collector? (If you did not select one, the integrated >collector
> >should be configured)
> I did not specifically select an entropy source, so it sounds like I got the
> integrated one.
> >EGD can be drained and then an upstarting sshd can fail. I have >written
> >my own prngd to come around this problem (early alpha stage :-) on >HP-UX.
> >The integrated entropy collector should better not fail...
> Well, it looks like I'm just lucky today.   Since it looks like the 
> integrated entropy collector has failed, what are my options?  

That's one of those things that are hard to say from remote. I have not
seen problems with the internal collector (even though I do use a different
scheme as I wrote).

> I don't know much about openssh and openssl, but it looks like maybe I need
> to change the configuration in ssh_prng_cmds to give it more stuff to pull
> from.  
Yes, that is one option. Actually openssh does not need too much entropy
to start up (openssl requires 16 bytes), so if you take care of the weight
factor you could easily "trick" openssh to account some input as 16 bytes.
Something like "cat /etc/entropy.data", with entropy_data you have obtained
from a high quality entropy source like EGD on a busy host.
Use it as the first command in ssh_prng_cmds :-) OpenSSH will then add
additional entropy while running. And don't forget to add new entropy
to this file regularly!

One hint: it seems that the ssh_prng_cmds file is not updated automatically
when performing a "make install", so maybe you have an old one without much
entropy sources?

> Do I have any other options to get the integrated entropy collector to work
> reliably??
Use EGD. Have it start very early in the sequence, so that is has time to
collect entropy. Don't use it to seed other daemons, so that it is not
drained. (The latest portable release does not complain if the re-seed
during runtime is not succesful, once it has been seeded at startup.)

Good luck,
Lutz Jaenicke                             Lutz.Jaenicke at aet.TU-Cottbus.DE
BTU Cottbus               http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik                  Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus              Fax. +49 355 69-4153

More information about the openssh-unix-dev mailing list