ssh-rand-helper

Dan Astoorian djast at cs.toronto.edu
Wed Jan 23 10:59:56 EST 2002


On Tue, 22 Jan 2002 18:10:58 EST, Damien Miller writes:
> 
> I'd rather see some way to configure OpenSSL to fetch entropy from EGD
> within the library itself. Currently it does this from /dev/urandom if
> it is detected at compile time, so it isn't too great a step.

OpenSSL 0.9.7 (according to their website) will do this, if the socket
is where the library expects it to be; i.e., /var/run/egd-pool,
/dev/egd-pool, /etc/egd-pool or /etc/entropy.

However, I don't want the socket to live in any of those locations on my
systems, because I don't run it with enough privileges to bind() in
/var/run, /dev, or /etc.  I might change my mind if and when an option
is added to PRNGD to give away root privileges after initialization.

Moreover, for the foreseeable future we will still need to be able to use
OpenSSL releases prior to 0.9.7 with OpenSSH, which means using either
RAND_egd() or the existing code in ssh-rand-helper.c.

In a nutshell:

1) It would be good if the library connected to PRNGD on its own;
   however, currently, it doesn't.

2) Since the library doesn't connect to PRNGD (yet), we need to bridge
   the gap somewhere.  We do so already, in ssh-rand-helper.

3) If RAND_egd() is available, using it in entropy.c instead of forking
   ssh-rand-helper is an obvious and unobtrusive optimization--literally
   one line of code ("if (!RAND_status()) RAND_egd(PRNGD_SOCKET)"), with
   an #ifdef around it.  I would not be suggesting this might be done in
   entropy.c if it were not so utterly trivial.

If there's consensus that, as (according to Dave) Ben said, "we should
use OpenSSL's interface into PRNGD", then entropy.c would be the only
sensible place to do so--replacing the PRNGD_SOCKET code in
ssh-rand-helper.c with RAND_egd() would preclude using SSL libraries
that don't provide it.

> RAND_egd doesn't support fetching from a localhost socket either, at
> least not in my version of OpenSSL.

(I believe I mentioned that, actually.)  This is why the code in
ssh-rand-helper which connects to the localhost socket should be kept;
sites which use localhost sockets, or which have SSL libraries without
RAND_egd(), would have to use ssh-rand-helper.

I'm still interested in opinions about my original question, which was
whether changing ssh-rand-helper to be able to support at build time
both PRNGD and stir_from_commands() etc. simultaneously would be
welcome.

-- 
Dan Astoorian               People shouldn't think that it's better to have
Sysadmin, CSLab             loved and lost than never loved at all.  It's
djast at cs.toronto.edu        not, it's better to have loved and won.  All
www.cs.toronto.edu/~djast/  the other options really suck.    --Dan Redican
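
The bridging step discussed in the message above, as an added example that is not part of the original post and is not code from ssh-rand-helper.c or OpenSSL: a minimal client for an EGD/PRNGD daemon on a Unix socket whose path the caller chooses, for sites that keep the socket outside the library's default locations. The function names are hypothetical, and it assumes the daemon speaks the EGD blocking-read command (0x02 followed by a one-byte count).

```c
/* Added example: minimal EGD/PRNGD client. Function names are hypothetical. */
#include <errno.h>
#include <stddef.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

/* Read exactly len bytes, retrying on short reads and EINTR. */
static int read_full(int fd, unsigned char *buf, size_t len)
{
    size_t got = 0;
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n == 0) return -1;               /* daemon closed early */
        if (n < 0) { if (errno == EINTR) continue; return -1; }
        got += (size_t)n;
    }
    return 0;
}

/* EGD blocking read: send {0x02, count}, then receive exactly count bytes. */
int egd_read_fd(int fd, unsigned char *out, size_t len)
{
    unsigned char req[2];
    if (len == 0 || len > 255) return -1;    /* count travels in one byte */
    req[0] = 0x02;
    req[1] = (unsigned char)len;
    if (write(fd, req, sizeof(req)) != (ssize_t)sizeof(req)) return -1;
    return read_full(fd, out, len);          /* a short reply is a failure */
}

/* Connect to the daemon at a caller-chosen Unix socket path and read. */
int egd_read_path(const char *path, unsigned char *out, size_t len)
{
    struct sockaddr_un sa;
    int fd, rc;
    if (strlen(path) >= sizeof(sa.sun_path)) return -1; /* never truncate */
    memset(&sa, 0, sizeof(sa));
    sa.sun_family = AF_UNIX;
    strcpy(sa.sun_path, path);
    if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) return -1;
    rc = connect(fd, (struct sockaddr *)&sa, sizeof(sa));
    if (rc == 0) rc = egd_read_fd(fd, out, len);
    close(fd);
    return rc;
}
```

Both functions return 0 only when the full requested count was delivered, so a caller can treat any other result as "no entropy obtained" and fall back to another source instead of seeding from a partial buffer.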



More information about the openssh-unix-dev mailing list