/etc/urandom and Solaris
Paul Allen
paul.l.allen at boeing.com
Wed Mar 29 16:20:17 EST 2000
Carl Brewer wrote:
>
> > Carl Brewer wrote:
> > >
> > > Sun *does* have a /dev/random, and it works with OpenSSH
> > >
> > > It's not bundled, it's part of the package SUNWski.
> > >
> > > You can find SUNWski on Sunsolve if you go scanning through the
> > > patch reports.
> >
> > Hmmm... There are both international and domestic versions of the
> > Sun Web Server patch that contains SUNWski. One can only download
> > the international version with no crypto. Will the international
> > version have a functioning /dev/random, or will I have to get the
> > folks at 1-800-USA4SUN to send me a tape?
>
> I don't know the story wrt the versions, but the one that I have
> I got from SunSolve by searchign for /dev/random in the patch
> reports, and finding SUNWski, and then downloading the patch,
> pulling out the package and applying it. It works on Solaris 2.6, 7
> and 8ea (personal experience).
OK, it's just like Carl says. Download patch 105710-01 (this is the
SPARC version) from SunSolve. If you have a SunSolve account, you
know how to do this. Unpack the patch and do something like:
pkgadd -d 105710-01
Have it install the SUNWski package. Among other things, this gives
you /etc/init.d/cryptorand and /etc/init.d/skiserv. You probably want
to disable the skiserv script, but the cryptorand script is the one
that creates a fifo called /dev/random with a daemon connected to it.
Reading from /dev/random after saying "/etc/init.d/cryptorand start"
gets apparently random data.
Does anybody know how to tell if this is "good" random data? I know
less than nothing about cryptography and am not sure how to judge
this versus egd.pl.
Paul Allen
--
Paul L. Allen | voice: (425) 865-3297 fax: (425) 865-2964
Unix Technical Support | paul.l.allen at boeing.com
Boeing Phantom Works Math & Computing Technology Site Operations,
POB 3707 M/S 7L-68, Seattle, WA 98124-2207
More information about the openssh-unix-dev
mailing list