SSH 3.2.2 on Solaris 8 with /kernel/drv/random
Ed Phillips
ed at UDel.Edu
Fri May 17 23:14:01 EST 2002
On Fri, 17 May 2002, Sean Boran wrote:
> Date: Fri, 17 May 2002 11:03:01 +0200
> From: Sean Boran <sean at boran.com>
> To: openssh-unix-dev at mindrot.org
> Subject: SSH 3.2.2 on Solaris 8 with /kernel/drv/random
>
> Hi,
>
> I'm like to try a get the new release to work with Sun's new device,
> that can be installed with patch 112438-01.
>
> I compiled SSL attempting to point it at the random device:
> cd openssl-0.9.6d
> ./Configure solaris-sparcv7-gcc
> make DEVRANDOM="/kernel/drv/random"
Not necessary. Just do "make".
> And then ran the SSH configure:
> ./configure --prefix=/opt/OBSDssh --with-pam --without-rsh \
> --sysconfdir=/etc/ssh --with-pid-dir=/var/run --disable-suid-ssh \
> --with-tcp-wrappers=../tcp_wrappers_7.6
Also add, --without-rand-helper.
> But am not convinced this is correct.
>
> and I also tried:
> ./configure --prefix=/opt/OBSDssh --with-pam --without-rsh \
> --sysconfdir=/etc/ssh --with-pid-dir=/var/run --disable-suid-ssh \
> --with-tcp-wrappers=../tcp_wrappers_7.6 \
> --with-prngd-socket=/kernel/drv/random
>
> And configure says:
> Random number source: ssh-rand-helper
> ssh-rand-helper collects from: Unix domain socket
> "/kernel/drv/random"
It'll say "Random number source: OpenSSL internal" or something to that
effect...
> But I don't think /kernel/drv/random is a socket, "ls" lists it as a
> normal file.
> ls -alF /kernel/drv/random
> -rwxr-xr-x 1 root sys 15704 Mar 15 00:33
> /kernel/drv/random*
/kernel/drv/random is the kernel *driver* which is not the random number
"device" file that you want to read. OpenSSL will automatically use
"/dev/urandom".
> If I compile SSH as above and then try to use the random device I get:
> ./ssh-rand-helper
> Couldn't connect to PRNGD socket "/kernel/drv/random": Socket operation
> on non-socket. Entropy collection failed
>
> So the question: has anyone got SSH to work with Sun's random device and
> if so, how did you do it?
Yep... it works great! ;-)
Ed
Ed Phillips <ed at udel.edu> University of Delaware (302) 831-6082
Systems Programmer III, Network and Systems Services
finger -l ed at polycut.nss.udel.edu for PGP public key
More information about the openssh-unix-dev
mailing list