OpenSSH ssh-keygen on Solaris8 x86

Mon May 1 04:31:15 EST 2000

(I've cc'd in Brian Warner, author of egd)

Based on what you sent me, the problem is with egd, and not with
OpenSSH, as suspected. 

Running egd in --debug-gather mode, it runs out of sources for entropy,
initially finding 22, but one by one eliminating them.  Then it loops:

ran out of sources
 waiting for a source to become usable again
Use of uninitialized value at ./egd.pl line 647.
 next available is in -957118987

Line 647 is:
print STDERR " next available is in ",
                  ($next_available - time()),"\n" if $debug_gather;

It doesn't appear to try to spawn any more sources after that.

I'll dig into egd this afternoon, and try to come up with a fix for it.

Patrick

Brian Carrier wrote:
> 
> Patrick,
> I haven't actually used OpenSSH with EGD, but I've been using EGD for some
> research and have had 0.7 running on Solaris.  The only thing I can recommend
> is to run the client program:
> 
> # eg/egc.pl /etc/entropy get
> and
> # eg/egc.pl /etc/entropy readb 256
> 
> The first tells you  how much entropy EGD has collected and the second
> does a blocking read (equivalent to the statement in random.c).  You can
> also run egd with --debug-client and it will display info on the requests
> it gets, so it will tell you when you run 'make host-key' if there is enough
> entropy for your request.  If the readb command returns data, then I would
> assume the problem is somewhere in OpenSSH.  If it doesn't return data, then
> EGD is not collecting any entropy from the system commands.  At that point,
> you can do a --debug-gather in egd.pl and it will display when the system
> commands return and with how much entropy.
> 
> I don't believe 'make test' does much except test the SHA installation.
> 
> hope this helps,
> brian
> 
> On Sat, Apr 29, 2000 at 08:17:59PM -0400, Patrick Gardella wrote:
> > I'm having a bit of trouble generating a host key on an x86 Solaris 8
> > system.
> > I've gotten the following built and installed:
> > egd-0.7
> > openssl-0.9.5a
> > openssh-1.2.3
> >
> > My perl version is 5.005_03.
> >
> > egd is running, and tests fine the egd "make test" and with:
> > #./egd.pl /etc/entropy get
> > 22 sources found
> > forking into background...
> > server starting
> >
> > But when I go to "make host-key", it just sits there.  Tracking it down,
> > the place it stops is in random.c (line 99):
> >
> >         c = atomicio(write, random_pool, egd_message,
> > sizeof(egd_message));
> >         if (c == -1)
> >                 fatal("Couldn't write to EGD socket \"%s\": %s",
> > RANDOM_POOL, st
> > rerror(errno));
> >
> >         c = atomicio(read, random_pool, buf, len);  <--------- HERE
> >
> > It's this last line it never completes (line 99)
> >
> > I noticed from the list archives that egd-0.7 is fairly new.  There was
> > some talk on 4/20 about a similar problem ( John Weaver & Brian
> > Carrier), but I don't see any conclusion.
> >
> > Any thoughts?

-- 
Patrick
----------
Patrick Gardella                 patrick at whetstonelogic.com
VP-Technology                    patrick at freebsd.org
Whetstone Logic, Inc.            This space intentionally left blank.