Variable path to ssh_prng_cmds?
Damien Miller
djm at mindrot.org
Wed Apr 11 11:09:38 EST 2001
On Thu, 5 Apr 2001, Armin Kunaschik wrote:
> Hi there,
>
> I have all my additional software mounted from one central place.
> Therefore I'm trying to limit all unnecessary local files.
> Local config files are ok... e.g. keys, ssh_config etc, but why
> needs ssh_prng_cmds to be in /etc? So why not put it into $bindir?
> There are no problems doing this with a few manual fixes. So
> are there any security concerns? Is it possible to make this a
> configuration option in the furure?
You are better off using PRNGd[1] rather than portable OpenSSH's
own RNG. It is more secure, reduces your system load and is more
configurable.
-d
[1] http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html
--
| Damien Miller <djm at mindrot.org> \ ``E-mail attachments are the poor man's
| http://www.mindrot.org / distributed filesystem'' - Dan Geer
More information about the openssh-unix-dev
mailing list