the "evil" of EGD (was Re: RFE: Portable OpenSSH)

Sandor W. Sklar ssklar at stanford.edu
Thu Mar 29 00:06:34 EST 2001


Folks,

I hope this doesn't sound stupid, but I don't understand why everyone 
is so down on EGD.  I've been using it (on AIX) since we put in 
OpenSSH, and I haven't had any problems with it.

Am I just not smart enough to understand why it is so bad?  (Of 
course, I understand the much preferable inclusion of a real source 
of entropy by the vendor, but why is EGD so bad compared to the other 
add-on entropy sources?)

--Sandy

At 7:49 AM -0500 3/28/01, Michael Stone wrote:
>On Wed, Mar 28, 2001 at 09:18:45AM +1000, Damien Miller wrote:
>>  Most people griped about EGD's >1Mb working set and that they didn't want
>>  to depend on PERL daemons for security.
>
>I remember it periodically dying for no reason. When the built-in RNG
>was introduced I went running away from EGD. (And continued to curse the
>stupid OSes with no /dev/random.)
>
>--
>Mike Stone

-- 
   sandor w sklar
   unix systems administrator
   stanford university itss-css



More information about the openssh-unix-dev mailing list