Why does prng always need to run the ssh_prng_cmds?

Dave Dykstra dwd at bell-labs.com
Sat Jun 2 04:24:01 EST 2001


This question is primarily for Damien, but if anybody else knows the
answer please chime in.

Why is it that on systems with no /dev/random or PRNGD or EGD (and I have a
lot of Solaris systems in this situation because I don't have root access
on them) the OpenSSH 'ssh' command has to run through all those
ssh_prng_cmds every time it starts up?  Why doesn't ~/.ssh/prng_seed give
it enough initial entropy?  The old SSH 1.2.27 'ssh' command got away with
using only ~/.ssh/random_seed, which it initializes by running a lot of
system commands the first time it is run.  Was that not secure enough?  I
don't recall seeing anybody claiming it wasn't.  I can't see why it wouldn't
be secure, because if you assume the client machine hasn't been compromised
(and able to observe the seed file) there should be no way that a cracker
should be able to guess what number will be chosen in the future just by
observing the numbers that are being chosen in the past and transferred
over the wire.

If there's no fundamental reason why it can't be done that way and you'd
consider accepting a patch, I'll work on it.

- Dave Dykstra
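The property the post relies on (past outputs, or the seed file as it sits on disk, should not let anyone predict future outputs) can be made concrete with a small hash-based seed-file PRNG. This is an added illustration, not code from the post or from OpenSSH; it assumes SHA-256 as the one-way function, and `gather_entropy()` is only a placeholder for the system-command sweep the old random_seed scheme performed.

```python
import hashlib
import os
import tempfile
import time


def gather_entropy() -> bytes:
    """Placeholder for the system-command sweep the post describes: only
    time, pid and os.urandom are mixed in here (constructed stand-in)."""
    h = hashlib.sha256()
    h.update(time.time_ns().to_bytes(8, "big"))
    h.update(os.getpid().to_bytes(4, "big"))
    h.update(os.urandom(32))
    return h.digest()


class SeedFilePRNG:
    """Seed-file backed PRNG in the spirit of ~/.ssh/random_seed.
    state = H(prior seed || fresh entropy); outputs are H(state || counter).
    A one-way derivative of state is written back before any output is made,
    so neither earlier outputs nor the file on disk expose the live state."""

    def __init__(self, path: str, fresh=None):
        self.path = path
        prior = open(path, "rb").read() if os.path.exists(path) else b""
        fresh = gather_entropy() if fresh is None else fresh
        self.state = hashlib.sha256(b"seed" + prior + fresh).digest()
        self.counter = 0
        with open(path, "wb") as f:  # persist the next seed, not the live state
            f.write(hashlib.sha256(b"next" + self.state).digest())

    def random_bytes(self, n: int) -> bytes:
        out = bytearray()
        while len(out) < n:
            ctr = self.counter.to_bytes(8, "big")
            out += hashlib.sha256(b"out" + self.state + ctr).digest()
            self.counter += 1
        return bytes(out[:n])


def demo() -> dict:
    """Two sessions sharing one seed file, with constructed entropy inputs."""
    path = os.path.join(tempfile.mkdtemp(), "random_seed")
    first = SeedFilePRNG(path, fresh=b"\x01" * 32)   # constructed entropy
    out1 = first.random_bytes(16)
    seed1 = open(path, "rb").read()
    second = SeedFilePRNG(path, fresh=b"\x02" * 32)  # constructed entropy
    out2 = second.random_bytes(16)
    seed2 = open(path, "rb").read()
    return {"out1": out1, "out2": out2, "seed1": seed1, "seed2": seed2,
            "state1": first.state, "state2": second.state}
```

Each session's state is never written to disk, and the stored seed changes on every start, which is the behaviour the post argues should be enough once the initial entropy sweep has been done.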


