AW: fatal: PRNG initialisation failed

Bladt Norbert Norbert.Bladt at adi.ch
Tue Jan 9 17:56:02 EST 2001


Joe Warren-Meeks [SMTP:joe at hole-in-the.net] wrote:

> open("/usr/local/etc/ssh_prng_cmds", O_RDONLY)  = 3
open of the command file succeeded.
> brk(0x000E6DB8)                                 = 0
"malloc" in user land, i.e. sshd
> brk(0x000E8DB8)                                 = 0
"malloc" in user land, i.e. sshd
> fstat64(3, 0xFFBEECD8)                          = 0

> brk(0x000E8DB8)                                 = 0
another malloc
> brk(0x000EADB8)                                 = 0
and another malloc
> ioctl(3, TCGETA, 0xFFBEEC64)                    Err#25 ENOTTY
This looks suspicious to me.
Why does the code do an ioctl intended for a terminal
on the file listing the commands ?
This system call will return a "-1". Perhaps this is
what is used later for the fstat ?

> read(3, " #   e n t r o p y   g a".., 8192)     = 1517
This read reads the whole file with the entropy
commands of size 1517.
Mine, on Solaris 7 is smaller and it works for me.

> read(3, 0x000E79CC, 8192)                       = 0
The next reads returns zero as there is nothing left to read.

> fstat(-1, 0xFFBEEDE8)                           Err#9 EBADF
> fstat(-1, 0xFFBEE1B8)                           Err#9 EBADF

> Not sure that those last EBADF from fstat are referring to.. I'm not
> that good with truss..
Me too.

Looking at the sources shows that the error message you see is indeed shown
if the number of commands in the command file is too small.
>From the truss I see that at least two mallocs are done.
Now, the problem is that I don't know anything about the Solaris malloc,
i.e. if it is intelligent enough to not map application mallocs to brk
system calls
or not.
If it does a 1:1 mapping, there is something wrong in the command file
or you run out of memory.
Because there should be much more "malloc"s done by sshd than just these
four.

Sorry, that I can't help much more than analyzing the
truss output.

Hope it helps, anyway,

Norbert.

-- 
Norbert Bladt
ATAG debis Informatik, ISM-TZ1 / Z302
Industriestrasse 1, CH 3052-Zollikofen
E-Mail: norbert.bladt at adi.ch Tel.: +41 31 915 3964 Fax: +41 31 915 3640







More information about the openssh-unix-dev mailing list