Using -lssh as shared library
Damien Miller
djm at mindrot.org
Tue Oct 9 09:50:43 EST 2001
On Mon, 8 Oct 2001 mouring at etoh.eviladmin.org wrote:
> > from arc4random() should be made global and available from
> > seed_rng() as well (this last point isn't obvious, as it
> > will stop calling seed_rgn() more than once if *required*).
>
> Damien, can we just remove seed_rng() from arc4random? We are doing
> seed_rng() in every major binary that requires entropy collection (except
> for ssh-keyscan.c which we need to add it to now). I know we needed this
> when we first started, but I think (from glancing at the code) it is now
> dead wood. I would prefer that than sprinkling portable code around more.
You can if you can make sure that the arc4 prng gets seeded with good
entropy. I think OpenSSL provides a way to do that.
-d
--
| Damien Miller <djm at mindrot.org> \ ``E-mail attachments are the poor man's
| http://www.mindrot.org / distributed filesystem'' - Dan Geer
More information about the openssh-unix-dev
mailing list