New feature: remote entropy gatherer port

mouring at etoh.eviladmin.org mouring at etoh.eviladmin.org
Wed Oct 3 06:14:40 EST 2001


This has been talked about before (actually joked about because PRNGd
supports this idea with maybe a tweak or two), but the main question is
the security of the matter.  How easily would it be to insert a
predicatable set of information into this 'unencryption' data streem in
order to weaken the encryption.  Or just as bad someone hijacking the IP
of the box and feeding predictable data out to all clients.

What if your 'entropy host' is down (crashed machine, DoSed, etc).. Do you
really wish to trust entropy collection off your machine?  I'd rather see
OSes implement the right kernel level tools instead of giving them an
excuse to say it is not required.

I'd rather not see anything like this go into the portable tree.  It will
end up being yet another option for uninformed people to use and screw up.
And thus blame on us for their lack of understanding (much like KeepAlive
and friends <sigh>).

On Tue, 2 Oct 2001, Alex Muntada wrote:

> 	[NOTE: I'm new to this list and this is my first
> 	approach to OpenSSH code.]
>
> I've enhanced "--with-prngd-port=PORT" flag to accept an
> optional hostname as in "myhost:myport", e.g.:
>
>   % ./configure --with-prngd-port=example.com:12345
>
> Although I'm certain that this may cause big trouble if remote
> gatherer isn't online (ssh will refuse to open any connection)
> I think it's an interesting enhancement, specially if you have an
> specialized random gatherer in your local environment.
>
> Imagine a server running egd or prngd feeding from the usual PRNG
> shell commands. Then, add to that server some random traffic from
> your local network or from other random gatherers like random.org
> (e.g. http://random.org/cgi-bin/randbyte?nbytes=128&format=f ),
> etc. Thus, all random requesters (OpenSSH, OpenSSL, GnuPG, etc.)
> could use the same gatherer and requesters won't need to run all
> those PRNG shell commands all the time (I've noticed 10 sec.
> delays in some hosts that lack a random device).
>
> I've attached the diff to openssh-2.9.9p2 (the last release I've
> seen) and I'm planning to add some sshd_config options to select
> PRNGD hostname and port but, first, I'd like to know what you
> think about this.
>
> Thanks.
>
> --
> Alex Muntada <alexm at ac.upc.es>
> http://people.ac.upc.es/alexm/
>




More information about the openssh-unix-dev mailing list