RFE: Portable OpenSSH

Christopher Linn celinn at mtu.edu
Wed Mar 28 04:19:57 EST 2001

On Tue, Mar 27, 2001 at 03:48:38PM +1000, Damien Miller wrote:
> Save your time :) The built-in PRNG will be deprected very soon, in
> favour of PRNGd[1].

yes, i saw this while reading the prngd Changelog  ;*)

> Entropy collection and pooling is best handled by long-running processes
> (ideally the kernel) as they get many more opportunities to gather
> better quality randomness over their lifetime.

bingo.  the kernel.

now i must ask, especially since we have someone from sun engineering
paying attention to OpenSSH (hi Darren!), just why the most beautifully
engineered kernel archetecture (solaris) does not yet have a
cryptographic-grade random device?!?  the /dev/random supplied with
the iPlanet package has been derided as being inferior in quality,
although i do not have a reference for that at hand... i think someone
on coderpunks made mention.  alot of us hard core solaris fans/admins
are *very* puzzled and frustrated by this!

best regards,


Christopher Linn, <celinn at mtu.edu>    | By no means shall either the CEC
Staff System Administrator            | or MTU be held in any way liable
  Center for Experimental Computation | for any opinions or conjecture I
    Michigan Technological University | hold to or imply to hold herein.

More information about the openssh-unix-dev mailing list