the "evil" of EGD (was Re: RFE: Portable OpenSSH)

mouring at mouring at
Thu Mar 29 01:28:13 EST 2001

On Wed, 28 Mar 2001, Sandor W. Sklar wrote:

> Folks,
> I hope this doesn't sound stupid, but I don't understand why everyone
> is so down on EGD.  I've been using it (on AIX) since we put in
> OpenSSH, and I haven't had any problems with it.
> Am I just not smart enough to understand why it is so bad?  (Of
> course, I understand the much preferable inclusion of a real source
> of entropy by the vendor, but why is egd so bad compared to the other
> add on entropy sources?)

The main complaint has been because EGD is a perl program, and you now
have to drag the whole perl interpeter into memory for long periods in
time,  and most folks don't care for that idea.

I can safely say the preformance (can't judge quality) between PRNGd and
EGD is the difference between day and night.  PRNGd is much faster, forks
less, and as a result uses less resources to match/exceed EGD.

That's pretty much it in a nutshell.

- Ben

More information about the openssh-unix-dev mailing list