prngd not seeded

Kaysee Long kaysee at us.ibm.com
Wed May 7 07:33:11 EST 2003 

I am running openssh 3.4p1 and had everything working fine, but then we had
to upgrde the openssl.  So did the same steps now openssh is not seeing
prngd.  We configure openssh with :

--with-prngd-socket=/var/spool/prngd/pool

this is what we saw with openssl-0.9.6g when I configured it:

OpenSSH has been configured with the following options:
                     User binaries: /usr/local/bin
                   System binaries: /usr/local/sbin
               Configuration files: /usr/local/etc
                   Askpass program: /usr/local/libexec/ssh-askpass
                      Manual pages: /usr/local/man/manX
                          PID file: /usr/local/etc
  Privilege separation chroot path: /var/empty
            sshd default user PATH:
/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
                    Manpage format: man
                       PAM support: no
                KerberosIV support: no
                 KerberosV support: no
                 Smartcard support: no
                       AFS support: no
                     S/KEY support: no
              TCP Wrappers support: yes
              MD5 password support: no
       IP address in $DISPLAY hack: no
          Use IPv4 by default hack: no
           Translate v4 in v6 hack: no
                  BSD Auth support: no
              Random number source: ssh-rand-helper
     ssh-rand-helper collects from: Unix domain socket
"/var/spool/prngd/pool"

              Host: sparc-sun-solaris2.7
          Compiler: gcc
    Compiler flags: -g -O2 -Wall -Wpointer-arith -Wno-uninitialized
Preprocessor flags: -I/usr/local/include -I/usr/local/include
-I/usr/local/lib -I/usr/local/include
      Linker flags: -L/usr/local/lib -R/usr/local/lib -L/usr/local/lib
-R/usr/local/lib -L/usr/local/lib -R/usr/local/lib  -L/usr/local/lib
-R/usr/local/lib
         Libraries: -lwrap  -lz -lsocket -lnsl  -lcrypto

You can see the Random Number Source is ssh-rand-helper




with the new openssl-0.9.7b I get this:




OpenSSH has been configured with the following options:
                     User binaries: /usr/local/bin
                   System binaries: /usr/local/sbin
               Configuration files: /usr/local/etc
                   Askpass program: /usr/local/libexec/ssh-askpass
                      Manual pages: /usr/local/man/manX
                          PID file: /usr/local/etc
  Privilege separation chroot path: /var/empty
            sshd default user PATH:
              /usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
                    Manpage format: man
                       PAM support: no
                KerberosIV support: no
                 KerberosV support: no
                 Smartcard support: no
                       AFS support: no
                     S/KEY support: no
              TCP Wrappers support: yes
              MD5 password support: no
       IP address in $DISPLAY hack: no
          Use IPv4 by default hack: no
           Translate v4 in v6 hack: no
                  BSD Auth support: no
              Random number source: OpenSSL internal ONLY

              Host: sparc-sun-solaris2.7
          Compiler: gcc
    Compiler flags: -g -O2 -Wall -Wpointer-arith -Wno-uninitialized
Preprocessor flags: -I/usr/local/include -I/usr/local/include
              -I/usr/local/lib
-I/usr/local/include
      Linker flags: -L/usr/local/lib -R/usr/local/lib -L/usr/local/lib
              -R/usr/lo
cal/lib -L/usr/local/lib -R/usr/local/lib  -L/usr/local/lib
              -R/usr/local/lib
         Libraries: -lwrap  -lz -lsocket -lnsl  -lcrypto


You see the random number source is openSSL interal only

Do you know why? I use the configuration on both without changing it....

thanks  Kaysee

More information about the openssh-unix-dev mailing list