Subject: Re: no RSA with openssl on m68k systems with 1.5_ALPHA2?
To: None <email@example.com>
From: Thorsten Frueauf <firstname.lastname@example.org>
Date: 10/04/2000 07:12:07
> hmm I see.
> - ssh/rsa.c:rsa_alive() calls RSA_generate_key()
> - RSA_generate_key() calls BN_generate_prime()
> - BN_generate_prime() calls BN_rand() via probable_prime()
> - BN_rand require us to have kernel random number device
> so openssh considers that we don't have RSA in the library.
Yup, I just recompiled a kernel with rnd activated for amiga and hp300, now
sshd starts up without any problems supporting version 1.5 and 2 of the
> similarly, DH_generate_key() does not work if there's no random number
> I'm not sure if it is safe to allow userland-generated pseudo random
> number. it looks intentional. all I can do with confidence is to
> improve error message from ssh/sshd, to warn that you don't have random
> number device.
Yup, it should be somewhere documented - especially as sshd says to look
for ssl(8) which seems does not exist on at least 1.5_ALPHA2.