| Subject: | Re: OpenSSH/OpenSSL patches to stop excessive entropy consumption |
|---|---|
| From: | Thor Lancelot Simon |
| Date: | Sat, 3 Mar 2012 23:30:16 -0500 |
On Sun, Mar 04, 2012 at 01:26:40PM +0900, Izumi Tsutsui wrote: > > It looks the root cause of these problems is that > new kernel RNG explicitly requires too much entropy. Uh, no. With DEBUG turned on, the new kernel RNG *tells you* when you run out of entropy. The old one didn't. The way OpenSSH uses OpenSSL, it was drawing 32 bytes from /dev/urandom half a dozen times per connection. It's certainly not the fault of the new code that the old code did not inform anyone of the problem. Thor |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: OpenSSH/OpenSSL patches to stop excessive entropy consumption, Izumi Tsutsui |
|---|---|
| Next by Date: | Re: OpenSSH/OpenSSL patches to stop excessive entropy consumption, Thor Lancelot Simon |
| Previous by Thread: | Re: OpenSSH/OpenSSL patches to stop excessive entropy consumption, Izumi Tsutsui |
| Next by Thread: | Re: OpenSSH/OpenSSL patches to stop excessive entropy consumption, Izumi Tsutsui |
| Indexes: | [Date] [Thread] [Top] [All Lists] |