On Thu, Dec 28, 2000 at 02:10:09PM -0600, BRIERLY, KEVIN D (AIT) wrote:
> Under normal circumstances ssh command work properly. When the system load
> is high I start getting "Not enough entropy in RNG" back from ssh.
> I looked at the source code and found that this message is triggered by
> checking the output of RAND_status from the openssl libraries. Has anyone
> else ran into this problem. I am currently using ssh 1.2.27 and would like
> to use openssh. This is happening consistently if the cpu load average is
> above 1.0. The old SSH works with no problem with the system in the same
> state.
> I have no /dev/*random* devices
I don't know what kind of entropy collection mechanism you specified.
If it is EGD: EGD can run out of entropy and will not "refill" fast
enough. If you use built-in seeding, you should not see such problem,
but the built in seeding tends to slow down the startup.
Anyway, since I do know this problem from my HP-UX systems, I have written
an undrainable EGD replacement daemon, available at
http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
