issue with EGD in openssh
Lutz Jaenicke
Lutz.Jaenicke at aet.TU-Cottbus.DE
Wed Feb 14 20:33:13 EST 2001
On Tue, Feb 13, 2001 at 04:16:43PM -0700, Todd C. Miller wrote:
> Yes, I was surprised too. I have not seen this happen on HP-UX either.
> However, this is still something openssh needs to deal with as it should
> be possible to restart the entropy daemon w/o having sshd die.
I agree. I had this problem quite some time ago with older versions of
OpenSSH which kept the connection to EGD open all the time and were not
prepared to deal with EGD-restarts.
...
20000626
...
 - (djm) Make EGD failures non-fatal if OpenSSL's entropy pool is still OK
   based on patch from Lutz Jaenicke <Lutz.Jaenicke at aet.TU-Cottbus.DE>
 - (djm) Fix fixed EGD code.
...
Based on what you write here, more work must be done to make sure that
EGD failure does not lead to sshd failures.
EGD or PRNGD can be shut down and restarted in an unsynchronized way at
any time, so SSHD failure must be prevented.
(Investigation of possible PRNGD caused problems will continue independently.)
Best regards,
Lutz
--
Lutz Jaenicke Lutz.Jaenicke at aet.TU-Cottbus.DE
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
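
The failure mode discussed in this message, sketched as an added example (not OpenSSH's code and not part of the original post): a fresh connection per EGD request, with a dead or restarted daemon treated as non-fatal while the local pool is still OK. The function names, the caller-supplied socket path and the pool_ok flag are assumptions made for illustration.

```c
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/un.h>

#ifndef MSG_NOSIGNAL
#define MSG_NOSIGNAL 0   /* without it, the caller must ignore SIGPIPE */
#endif

/* EGD non-blocking read: send {0x01, n}; reply is a length byte + data.
 * Returns bytes received (0..n), or -1 on any I/O or protocol error. */
int egd_request(int fd, unsigned char *buf, unsigned char n)
{
    unsigned char cmd[2] = { 0x01, n }, len;
    size_t got = 0;
    ssize_t r;
    if (send(fd, cmd, 2, MSG_NOSIGNAL) != 2) return -1;  /* daemon gone */
    if (read(fd, &len, 1) != 1 || len > n) return -1;
    while (got < len) {
        if ((r = read(fd, buf + got, len - got)) <= 0) return -1;
        got += (size_t)r;
    }
    return (int)got;
}

/* Connect for every request, so a restarted daemon is picked up on the
 * next call instead of leaving a stale descriptor behind. */
int egd_fetch(const char *path, unsigned char *buf, unsigned char n)
{
    struct sockaddr_un sa;
    int fd, got = -1;
    if (strlen(path) >= sizeof(sa.sun_path)) return -1;
    memset(&sa, 0, sizeof(sa));
    sa.sun_family = AF_UNIX;
    strcpy(sa.sun_path, path);           /* length checked above */
    if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) return -1;
    if (connect(fd, (struct sockaddr *)&sa, sizeof(sa)) == 0)
        got = egd_request(fd, buf, n);
    close(fd);
    return got;
}

/* 0 = fresh bytes in buf (caller mixes them into the pool),
 * 1 = EGD unavailable but pool still OK: log and continue,
 * -1 = no usable entropy at all; only this case should be fatal. */
int reseed_status(const char *path, unsigned char *buf, unsigned char n, int pool_ok)
{
    if (egd_fetch(path, buf, n) > 0) return 0;
    return pool_ok ? 1 : -1;
}
```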