Entropy collection in sshd (was Re: Entropy and DSA key)
Lutz Jaenicke
Lutz.Jaenicke at aet.TU-Cottbus.DE
Wed Nov 7 04:33:21 EST 2001
On Tue, Nov 06, 2001 at 12:18:52PM -0500, Ed Phillips wrote:
> What I don't understand about the internal entropy collection is why can't
> sshd just run the commands periodically just like prngd, and keep a
> running, stirred pool of random numbers to use when a client connects?
[more text removed]
The problem is not sshd. sshd startup only happens once and it does not
matter whether it takes 0.5 seconds or 5 seconds; the server will be up
for hours/days/weeks anyway. (Re-seeding should happen over time.)
The problem is with the client!!! ssh client processes are called by the
user to log into the server and the response time is an important issue
here!
Best regards,
Lutz
--
Lutz Jaenicke Lutz.Jaenicke at aet.TU-Cottbus.DE
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
More information about the openssh-unix-dev mailing list