ssh-keygen hangs with empty prngd.conf - bug ?
Lutz Jaenicke
Lutz.Jaenicke at aet.TU-Cottbus.DE
Wed Jun 19 00:06:54 EST 2002
On Tue, Jun 18, 2002 at 07:21:25PM +0530, Hari wrote:
> I use openssh-2.9p2 on an i386 LynxOS system.
> Since LynxOS does not have support for /dev/[u]random, I installed openssh
> with prngd support.
> It so happened by accident on installation that prngd.conf got truncated to
> zero size.
> With prngd running as such, ssh-keygen just hangs.
> I notice similar case with sshd, ssh, ... as all these depend on prngd for
> random number.
>
> SMMEstack# /usr/sbin/sshd -d -d -d
> debug1: Seeding random number generator
>
> < hang >
>
> The hang because of ssh-keygen is important, because the rc boot scripts
> generate ssh host keys if they are not present. Under such cases, (the first
> time the system boots), the system boot just hangs on ssh-keygen which
> should not happen. Isn't this serious? I expect the applications to print an
> error (report random number not available or timeout) and exit.
>
> One other interesting thing to notice is that, prngd consumes extra-ordinary
> cpu resource with empty prngd.conf (bug in prngd ???).
>
>
> PID USERNAME TID PRI TEXT STK DATA STATE TIME CPU COMMAND
> 78 root 66 17 132K 28K 56K ready 5:32 97.69% prngd
Just a shot into the dark:
When starting PRNGD, it reads the configuration of external gatherers.
(The list is empty, but I don't remember having caught this condition.)
After startup, PRNGD will query external gatherers in a tight loop, until
enough entropy was collected. As no external gatherers are defined, it
will stay running in the tight loop...
I'll have to think about how to catch this special condition:
should prngd stop immediatly, if no gatherers were configured?
Best regards,
Lutz
--
Lutz Jaenicke Lutz.Jaenicke at aet.TU-Cottbus.DE
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
More information about the openssh-unix-dev
mailing list