OpenSSH entropy/PRNG (was: Why does ssh try to run df, netstat, arp ...?)

Damien Miller djm at mindrot.org
Sun Nov 19 11:30:34 EST 2000


On Fri, 17 Nov 2000, Loomis, Rip wrote:

> Related question:
> Is anyone actively trying to get Yarrow or some other
> algorithmic source of entropy into OpenSSH?  I suppose
> this is really a question for the OpenSSL folks...

Yarrow provides a similar infrastructure to the RAND_* functions
in OpenSSL - an entropy pool. You still have to come up with an
appropriate number of random bits.

Hassle your vendor for /dev/random support in their OS :)

-d

-- 
| ``We've all heard that a million monkeys banging on | Damien Miller -
| a million typewriters will eventually reproduce the | <djm at mindrot.org>
| works of Shakespeare. Now, thanks to the Internet, / 
| we know this is not true.'' - Robert Wilensky UCB / http://www.mindrot.org
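The point made in the reply above, that an entropy pool is only infrastructure and the random bits must still come from somewhere, shown as an added example that is not part of the original message and is not OpenSSL's or Yarrow's code. The class name, the 256-bit threshold and the SHA-256 construction are assumptions chosen for illustration.

```python
import hashlib
import os


class ToyEntropyPool:
    """Toy hash-based pool; models the idea only, not OpenSSL's RAND_* or Yarrow."""

    MIN_BITS = 256  # assumed threshold before output is allowed

    def __init__(self):
        self._state = b"\x00" * 32
        self._counter = 0
        self.estimated_bits = 0.0

    def add(self, data: bytes, entropy_bits: float) -> None:
        """Mix caller-supplied bytes in; the caller states how much entropy they hold."""
        self._state = hashlib.sha256(self._state + data).digest()
        self.estimated_bits += min(entropy_bits, 8 * len(data))

    def ready(self) -> bool:
        return self.estimated_bits >= self.MIN_BITS

    def read(self, n: int) -> bytes:
        """Return n output bytes, refusing if too little entropy was ever supplied."""
        if not self.ready():
            raise RuntimeError("pool not seeded: supply more entropy first")
        out = b""
        while len(out) < n:
            self._counter += 1
            block = self._state + self._counter.to_bytes(8, "big")
            out += hashlib.sha256(b"out" + block).digest()
        # Ratchet the state so earlier output cannot be recomputed from it.
        self._state = hashlib.sha256(b"next" + self._state).digest()
        return out[:n]


def demo() -> dict:
    # Constructed sample input: a fixed, guessable string credited with full entropy.
    a, b = ToyEntropyPool(), ToyEntropyPool()
    for pool in (a, b):
        pool.add(b"constructed predictable seed, no real randomness", 256)
    seeded = ToyEntropyPool()
    seeded.add(os.urandom(32), 256)  # kernel RNG, the /dev/random role
    return {"same_output": a.read(16) == b.read(16), "fresh": seeded.read(16)}


if __name__ == "__main__":
    print(demo())
```

The two pools fed the same predictable bytes emit identical "random" output even though the entropy estimate says they are ready; only the input from the kernel source makes the output unpredictable.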







More information about the openssh-unix-dev mailing list