[FUGSPBR] sshd
FreeBSD Hack
freebsd em vserver.com.br
Qua Ago 14 14:41:05 BRT 2002
Ta ai.....
* Why do I get a "PRNG not seeded" error message?
Cryptographic software needs a source of unpredictable data to work
correctly. Many open source operating systems provide a "randomness
device" that serves this purpose. On other systems, applications have
to call the RAND_add() or RAND_seed() function with appropriate data
before generating keys or performing public key encryption.
Some broken applications do not do this. As of version 0.9.5, the
OpenSSL functions that need randomness report an error if the random
number generator has not been seeded with at least 128 bits of
randomness. If this error occurs, please contact the author of the
application you are using. It is likely that it never worked
correctly. OpenSSL 0.9.5 and later make the error visible by refusing
to perform potentially insecure encryption.
On systems without /dev/urandom, it is a good idea to use the Entropy
Gathering Demon; see the RAND_egd() manpage for details.
Most components of the openssl command line tool try to use the
file $HOME/.rnd (or $RANDFILE, if this environment variable is set)
for seeding the PRNG. If this file does not exist or is too short,
the "PRNG not seeded" error message may occur.
[Note to OpenSSL 0.9.5 users: The command "openssl rsa" in version
0.9.5 does not do this and will fail on systems without /dev/urandom
when trying to password-encrypt an RSA key! This is a bug in the
library; try a later version instead.]
For Solaris 2.6, Tim Nibbe <tnibbe em sprint.net> and others have suggested
installing the SUNski package from Sun patch 105710-01 (Sparc) which
adds a /dev/random device and make sure it gets used, usually through
$RANDFILE. There are probably similar patches for the other Solaris
versions. However, be warned that /dev/random is usually a blocking
device, which may have some effects on OpenSSL.
Ta no arquivo FAQ! da distribuição..... quer que eu traduza também?
At 14:35 14/8/2002 -0300, you wrote:
>Agora o erro eh o seguinte:
>PRNG is not seeded
>
>O que pode ser?
>
>T+
>Rodrigo
>----- Original Message -----
>From: "FreeBSD Newbie" <freebsd em vserver.com.br>
>To: <fugspbr em fugspbr.org>
>Sent: Wednesday, August 14, 2002 1:42 PM
>Subject: Re: [FUGSPBR] sshd
>
>
>Instala o OPENSSL 0.9.6 (www.openssl.org) na sua maquina que o problema
>estará resolvido.
>
>[]'s
>
>
>At 13:39 14/8/2002 -0300, you wrote:
> >Ola pessoal, preciso de um help. Instaleio o opensshd-3.4p1.tar.gz,
>compilou
> >instalou aparentemente tudo direitinho, mas esta ocorrendo o seguinte erro
> >quando executo o sshd:
> >
> >ld.so.1: sshd: fatal: libcrypto.so.0.9.6: open failed: No such file or
> >directory
> >Killed.
> >
> >O que esta errado, falta alguma biblioteca pelo que eu entendi, mas nao sei
> >ao certo qual.
> >
> >T+
> >Rodrigo
> >
> >
> >________________________________________________
> >Para sair da lista visite o URL abaixo:
> >http://www2.fugspbr.org/mailman/listinfo/fugspbr
>
>---------------------------------------------
>FreeBSD user since 2.1.5 (Long time ago)...
>Windows sometimes is necessary, Linux NEVER.
>My System NOW: FreeBSD 4.6, BeOS 5, QNX 6, SunOS (on Sun Ultra 2), W2K
>
>
>
>________________________________________________
>Para sair da lista visite o URL abaixo:
>http://www2.fugspbr.org/mailman/listinfo/fugspbr
>
>
>________________________________________________
>Para sair da lista visite o URL abaixo:
>http://www2.fugspbr.org/mailman/listinfo/fugspbr
---------------------------------------------
FreeBSD user since 2.1.5 (Long time ago)...
Windows sometimes is necessary, Linux NEVER.
My System NOW: FreeBSD 4.6, BeOS 5, QNX 6, SunOS (on Sun Ultra 2), W2K
________________________________________________
Para sair da lista visite o URL abaixo:
http://www2.fugspbr.org/mailman/listinfo/fugspbr
Mais detalhes sobre a lista de discussão freebsd