the "evil" of EGD (was Re: RFE: Portable OpenSSH)
Sandor W. Sklar
ssklar at stanford.edu
Thu Mar 29 00:06:34 EST 2001
Folks,
I hope this doesn't sound stupid, but I don't understand why everyone
is so down on EGD. I've been using it (on AIX) since we put in
OpenSSH, and I haven't had any problems with it.
Am I just not smart enough to understand why it is so bad? (Of
course, I understand the much preferable inclusion of a real source
of entropy by the vendor, but why is egd so bad compared to the other
add on entropy sources?)
--Sandy
At 7:49 AM -0500 3/28/01, Michael Stone wrote:
>On Wed, Mar 28, 2001 at 09:18:45AM +1000, Damien Miller wrote:
>> Most people griped about EGD's >1Mb working set and that they didn't want
>> to depend on PERL daemons for security.
>
>I remember it periodically dying for no reason. When the built-in RNG
>was introduced I went running away from EGD. (And continued to curse the
>stupid OS's with no /dev/random.)
>
>--
>Mike Stone
--
sandor w sklar
unix systems administrator
stanford university itss-css
More information about the openssh-unix-dev
mailing list