--On Tue, May 12, 1998 9:26 am -0500 "Nathan E Norman" <[EMAIL PROTECTED]> wrote:
> On Tue, 12 May 1998, Jules Bean wrote: > > : Hi there... > > [ snip ] > > : Now, on the Pentium, everything runs nicely. On the 486, it can take > : 10-15 *minutes* to complete an ssl-telnet connection. It gets as far as > : > : njm25# telnet blueberry.jellybean.co.uk > : Trying 194.88.75.31... > : Connected to blueberry.jellybean.co.uk. > : Escape character is '^]'. > : Generating temp (512 bit) RSA key ... > : > : And hangs there for a good 10-15 minutes (I haven't timed it ;-) OK. I've straced it (strace is about the coolest bug finder ever;) using strace -f -p on inetd. The problem is a blocking read on /dev/random. So I read random(4). Very interesting. Very clever. So there are two conclusions: 1) There isn't enough entropy around, and therefor ssltelnetd should use /dev/urandom. 2) My kernel has a rather limited /dev/random entropy pool, for some reason. No, I'm only on 2.0.30, so I am now upgrading to 2.0.33, to see if that helps. I can't see why my entropy would be low - the machine's on a BNC network, and if that doesn't provide entropy, nothing will... Jules /----------------+-------------------------------+---------------------\ | Jelibean aka | [EMAIL PROTECTED] | 6 Evelyn Rd | | Jules aka | | Richmond, Surrey | | Julian Bean | [EMAIL PROTECTED] | TW9 2TF *UK* | +----------------+-------------------------------+---------------------+ | War doesn't demonstrate who's right... just who's left. | | When privacy is outlawed... only the outlaws have privacy. | \----------------------------------------------------------------------/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
