poor default seeding of RNG
Damien Miller
djm at mindrot.org
Wed Mar 14 17:13:48 EST 2001
On Wed, 14 Mar 2001, Tom Holroyd wrote:
> Correct me if I'm wrong, but init_rng() in entropy.c doesn't call
> seed_rng(), and in fact seed_rng() isn't called from _anywhere_ (in
> openssh-2.5.1p2). So calls to BN_rand() only pick up the
> tiny/non-existent amount of entropy added by BN_rand() itself from the
> system clock (time in seconds). Shouldn't seed_rng() be called from
> init_rng()? It should be called from _somewhere_, or deleted.
It is called from arc4random_stir which is used fairly pervasively
and also implicitly from arc4random.
-d
--
| Damien Miller <djm at mindrot.org> \ ``E-mail attachments are the poor man's
| http://www.mindrot.org / distributed filesystem'' - Dan Geer