Killing the builtin entropy code
Jim Knoble
jmknoble at pobox.com
Fri Dec 21 15:01:15 EST 2001
Circa 2001-Dec-21 12:10:18 +1100 dixit Damien Miller:
: Over the holidays, I intend to finally rid portable OpenSSH of the
: builtin entropy collection code. Here's what I intend to do:
[...]
: If OpenSSL isn't seeded, we will fork+suid(user)+exec a subprocess
: "ssh-rand-helper" which will return 64 bytes of randomness to stdout.
: This will be used to seed OpenSSL's PRNG. 512 bits should be enough
: for anyone :)
Obviously, we'd only suid(user) for sshd, not for e.g. ssh, ssh-agent,
or ssh-keygen.
: ssh-rand-helper may be a program which fetches randomness from PRNGd,
: it could be a Yarrow implementation or it could be an adaptation of the
: current entropy code to run in a one-shot mode. I'll certainly implement
: a PRNGd ssh-rand-helper, if time permits I'll do one of the others.
:
: This takes all the responsibility out of OpenSSH for collecting random
: numbers and allows sites to implement whatever fallbacks they require
: using wrappers around ssh-rand-helper (which could be shell scripts).
:
: Comments?
I wonder if we might not want to go so far as to specify an interface
for this sort of thing (sort of like djb's checkpassword interface
<http://cr.yp.to/checkpwd.html>). For example:
ssh-rand-helper prints 64 octets of crypto-quality randomness to
stdout, closes stdout, and exits 0. If ssh-rand-helper could not
obtain 64 octets of entropy, it closes stdout and exits 1.
Then we could ask e.g. Yarrow to ship an ssh-rand-helper program that
fits the interface, and it would no longer be our responsibility to
maintain the helper for Yarrow. Sort of like we do with (ahem)
ssh-askpass....
--
jim knoble | jmknoble at pobox.com | http://www.pobox.com/~jmknoble/
(GnuPG fingerprint: 31C4:8AAC:F24E:A70C:4000::BBF4:289F:EAA8:1381:1491)
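
The caller's side of the interface proposed in the message above, as an added example that is not part of the original post and is not OpenSSH code. The names read_seed_from_helper and SEED_LEN are hypothetical, and the suid(user) step discussed in the thread is left out.

```c
#include <errno.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define SEED_LEN 64   /* octets the helper must print to stdout */

/* Runs argv[0] and fills seed[]. Returns 0 only if the helper wrote exactly
 * SEED_LEN octets, closed stdout, and exited 0; returns -1 otherwise, in
 * which case the contents of seed[] must not be used. */
int read_seed_from_helper(char *const argv[], unsigned char seed[SEED_LEN])
{
    int fds[2], status;
    size_t got = 0;
    ssize_t n = 0;
    unsigned char extra;
    pid_t pid;

    if (pipe(fds) == -1)
        return -1;
    if ((pid = fork()) == -1) {
        close(fds[0]); close(fds[1]);
        return -1;
    }
    if (pid == 0) {                      /* child: helper's stdout is the pipe */
        close(fds[0]);
        if (dup2(fds[1], STDOUT_FILENO) == -1)
            _exit(127);
        close(fds[1]);
        execv(argv[0], argv);
        _exit(127);                      /* exec failed */
    }
    close(fds[1]);
    while (got < SEED_LEN) {             /* a pipe may deliver short reads */
        n = read(fds[0], seed + got, SEED_LEN - got);
        if (n == -1 && errno == EINTR)
            continue;
        if (n <= 0)
            break;                       /* EOF or error before 64 octets */
        got += (size_t)n;
    }
    /* The next read must be EOF: surplus output breaks the contract too. */
    do { n = read(fds[0], &extra, 1); } while (n == -1 && errno == EINTR);
    close(fds[0]);
    while (waitpid(pid, &status, 0) == -1)
        if (errno != EINTR)
            return -1;
    if (got != SEED_LEN || n != 0 || !WIFEXITED(status) || WEXITSTATUS(status) != 0)
        return -1;                       /* never seed from a partial result */
    return 0;
}
```

Treating every deviation (short output, extra output, non-zero exit, death by signal) as failure means a broken or missing helper cannot leave the PRNG seeded with fewer octets than the caller believes.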