[Bug 398] OpenSSL build mech. doesn't acknowledge /dev/random in Solaris

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Sep 18 01:23:52 EST 2002


http://bugzilla.mindrot.org/show_bug.cgi?id=398





------- Additional Comments From dtucker at zip.com.au  2002-09-18 01:23 -------
When configure says "Random number source: OpenSSL internal ONLY" it means that 
it's using /dev/urandom.  "Random number source: ssh-rand-helper" is the 
external entropy collector.

Regardless, the openssl libraries will use /dev/urandom if it exists.  (You may 
need to recompile openssl, but I don't think so).  From openssl's e_os.h (typo 
and all :-) :

#ifndef DEVRANDOM
/* set this to your 'random' device if you have one.
 * My default, we will try to read this file */
#define DEVRANDOM "/dev/urandom"
#endif

For maximum portability, when building packages I use "./configure 
--with-rand-helper".  That way /dev/urandom will be used if it exists, but if it 
doesn't then the random helper will be used.  This lets us use the same binaries 
on machines with and without the /dev/random patch.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.



More information about the openssh-unix-dev mailing list