Openssh 3.9p1 query - TOP URGENT.
Theo de Raadt
deraadt at cvs.openbsd.org
Tue Mar 22 05:37:02 EST 2005
I believe the messages are more than self-explanatory.
Do not mail openssh at openssh.com for issues like this.
> I am upgrading my openSSH 3.7.1p1 to 3.9p1 in solaris 8
> system. During the ./configure step, the output shows the following
> WARNING messages. Could you please shed some light on what these
> messages are and how it impacts the running environment.
> Earliest reply is most appreciated. Thanks in advance,
> =20
> SVR4 style packages are supported with "make package"\n
> WARNING: you are using the builtin random number collection
> service. Please read WARNING.RNG and request that your OS
> vendor includes kernel-based random number collection in
> future versions of your OS.
> =20
> WARNING: the operating system that you are using does not
> appear to support either the getpeereid() API nor the
> SO_PEERCRED getsockopt() option. These facilities are used to
> enforce security checks to prevent unauthorised connections to
> ssh-agent. Their absence increases the risk that a malicious
> user can connect to your agent.
> =20
> Regards
> Sankar G.
More information about the openssh-unix-dev
mailing list