RFE: Portable OpenSSH
Christopher Linn
celinn at mtu.edu
Wed Mar 28 04:19:57 EST 2001
On Tue, Mar 27, 2001 at 03:48:38PM +1000, Damien Miller wrote:
>
> Save your time :) The built-in PRNG will be deprected very soon, in
> favour of PRNGd[1].
yes, i saw this while reading the prngd Changelog ;*)
> Entropy collection and pooling is best handled by long-running processes
> (ideally the kernel) as they get many more opportunities to gather
> better quality randomness over their lifetime.
bingo. the kernel.
now i must ask, especially since we have someone from sun engineering
paying attention to OpenSSH (hi Darren!), just why the most beautifully
engineered kernel archetecture (solaris) does not yet have a
cryptographic-grade random device?!? the /dev/random supplied with
the iPlanet package has been derided as being inferior in quality,
although i do not have a reference for that at hand... i think someone
on coderpunks made mention. alot of us hard core solaris fans/admins
are *very* puzzled and frustrated by this!
best regards,
chris
--
Christopher Linn, <celinn at mtu.edu> | By no means shall either the CEC
Staff System Administrator | or MTU be held in any way liable
Center for Experimental Computation | for any opinions or conjecture I
Michigan Technological University | hold to or imply to hold herein.
More information about the openssh-unix-dev
mailing list