Call for testing: OpenSSH 8.4
Randall S. Becker
rsbecker at nexbridge.com
Mon Sep 21 11:40:51 AEST 2020
> From: Damien Miller <djm at mindrot.org>
On September 20, 2020 7:29 PM, Damien Miller wrote:
> On Sun, 20 Sep 2020, Randall S. Becker wrote:
>
> > On September 20, 2020 2:02 AM, Damien Miller wrote:
> > > OpenSSH 8.4p1 is almost ready for release, so we would appreciate
> > > testing on as many platforms and systems as possible. This is a bugfix
> release.
> >
> > I will be testing this shortly on HPE NonStop platforms.
> >
> > Side question: We now have access to the hardware random generator and
> > can decouple for PRNGD. Any guidance on how to do that would be
> > appreciated. We would be happy to contribute the platform changes as
> > well associated with this and the port changes.
>
> If you add support for the hardware RNG to libcrypto then OpenSSH will use
> it automatically (assuming you haven't built --without-openssl). This
would
> also have the benefit of everything else that uses libcrypto/libssl pick
up
> support too.
I do not build with --without-openssl, so that probably is a good thing. I
have more control on our Itanium platform so can test with OpenSSL 3.0
before it goes to GA, but have to wait for the x86 platform until after that
point. It's a matter of policy. Good to know anyway that changes picked up
via OpenSSL will remove the dependency on PRNGD - somewhat of a RandallBane
in my view.
More information about the openssh-unix-dev
mailing list