> No, /dev/urandom was already 666, and I just noticed that random was not, so
> I chmodded random 0666 and then the error changed from PRNG not seeded to
> "host key verification failed".
>
> I think there is some useful information in this last round of
> troubleshooting I did - the fact tha
No, /dev/urandom was already 666, and I just noticed that random was not, so
I chmodded random 0666 and then the error changed from PRNG not seeded to
"host key verification failed".
I think there is some useful information in this last round of
troubleshooting I did - the fact that the behav
> Ok, I did this, and got the exact same results - first it says that PRNG is
> not seeded, and then I chmod 0666 /dev/urandom and then it tells me "host
> key verification failed".
I hope you mean /dev/random?
M
>
> So, just in case I also did the opposite - I left random alone and set
> u
Ok, I did this, and got the exact same results - first it says that PRNG is
not seeded, and then I chmod 0666 /dev/urandom and then it tells me "host
key verification failed".
So, just in case I also did the opposite - I left random alone and set
urandom to 2,3 so it behaves like random ... a
>
> Do you mean recompile SSL using urandom instead of random ?
Yes.
> Would it be the exact same effect if I simply changed my /dev/random to
> major/minor 2,4 instead of 2,3 ?
Yes. That would work.
> It seems like that would be much easier...
Indeed!
M
> > > Ok, I am not sure how I can
Do you mean recompile SSL using urandom instead of random ?
Would it be the exact same effect if I simply changed my /dev/random to
major/minor 2,4 instead of 2,3 ?
It seems like that would be much easier...
>
> > Ok, I am not sure how I can do that though - I cannot successfully run
> > `rn
> Ok, I am not sure how I can do that though - I cannot successfully run
> `rndcontrol -s X` inside a jail.
>
> On the other hand, I already have:
>
> rand_irqs="9 10 11 13 14"
>
> In my rc.conf on the underlying host machine, and have done several boots
> with that in place. So presumably I
Ok, I am not sure how I can do that though - I cannot successfully run
`rndcontrol -s X` inside a jail.
On the other hand, I already have:
rand_irqs="9 10 11 13 14"
In my rc.conf on the underlying host machine, and have done several boots
with that in place. So presumably I should be seeded
> I can't seed it by banging on the keyboard - it is a headless server in a
> rack thousands of miles from me :)
>
> Perhaps there is another way to do it ?
Yes.
You need to find sources of entropy in interrupts. Look at a
dmesg, and note which IRQ's your network device(s) and mass
storage con
I can't seed it by banging on the keyboard - it is a headless server in a
rack thousands of miles from me :)
Perhaps there is another way to do it ?
>Date: Thu, 03 Oct 2002 21:54:30 +0100
>
> > Sorry, here is the rest:
> >
> > Here is the output of the `dd` command using urandom:
> >
> > dd i
> Sorry, here is the rest:
>
> Here is the output of the `dd` command using urandom:
>
> dd if=/dev/urandom of=/dev/stdout bs=512 count=1 | hexdump -C
> 1+0 records in
> 1+0 records out
> a0 69 1a 7c 8f 32 e5 21 ae 7a 33 14 68 0b 8e a6
> |.i.|.2.!.z3.h...|
... etc. Looking good.
>
Sorry, here is the rest:
Here is the output of the `dd` command using urandom:
dd if=/dev/urandom of=/dev/stdout bs=512 count=1 | hexdump -C
1+0 records in
1+0 records out
a0 69 1a 7c 8f 32 e5 21 ae 7a 33 14 68 0b 8e a6
|.i.|.2.!.z3.h...|
512 bytes transferred in 0.000472 secs (10
Hi
You only sent me a third of what I asked for :-)
M
>
> Ok, here you are - as a normal user (non root) inside the jail, I have run:
>
> $ dd if=/dev/random of=/dev/stdout bs=512 count=1 | hexdump -C
> dd: /dev/stdout: Permission denied
>
> $ ls -asl /dev/stdout
> 0 crw--- 1 root whe
Ok, here you are - as a normal user (non root) inside the jail, I have run:
$ dd if=/dev/random of=/dev/stdout bs=512 count=1 | hexdump -C
dd: /dev/stdout: Permission denied
$ ls -asl /dev/stdout
0 crw--- 1 root wheel 22, 1 Sep 3 21:46 /dev/stdout
All of this was _after_ I ran the `
> I have found that if you create a jail in FreeBSD 4.6.2, and then log into
> that jail ... if you are root you can scp and ssh just fine. However if you
> are not root and you attempt to ssh or scp, you get this error:
>
> PRNG is not seeded
Hmmm.
> A few details - first, I created my jail
Hello,
I have found that if you create a jail in FreeBSD 4.6.2, and then log into
that jail ... if you are root you can scp and ssh just fine. However if you
are not root and you attempt to ssh or scp, you get this error:
PRNG is not seeded
A few details - first, I created my jail by simply
16 matches
Mail list logo
