by mail.netbsd.org with SMTP; 4 Oct 2000 18:06:51 -0000
	by coconut.itojun.org (8.9.3+3.2W/3.7W) with ESMTP id DAA06555;
	Thu, 5 Oct 2000 03:06:41 +0900 (JST)
To: John Hawkinson <jhawk@MIT.EDU>
cc: tech-security@netbsd.org
In-reply-to: jhawk's message of Wed, 04 Oct 2000 14:00:48 -0400.
      <200010041800.OAA03274@multics.mit.edu>
Subject: Re: sshd rnd requirements?
From: itojun@iijlab.net
Date: Thu, 05 Oct 2000 03:06:41 +0900
Message-ID: <6553.970682801@coconut.itojun.org>

>| Log Message:
>| enable rnd device.  they are now mandatory for ssh/sshd support,
>| so it makes more sense to enable it.
>| please disable them if there's any issues, but in that case, in-tree
>| ssh/sshd won't work.
>Why is this mandatory? Is there a discussion of the history somewhere?
>It seems like this reduces flexibility in a bunch of cases, as well
>as portability of our sshd (not our primary goal, true, but...).

	there has been a discussion here (or somewhere else), I believe.

	ssh uses openssl RSA/DH library functions.  they require random number
	from random number device when they generate public/secret key pair
	(session key, I believe).  basically, this is not the ssh issue,
	but openssl issue.
	I believe it disallowed for me to change the library functions to
	use pseudo random number generator.  since the random number is very
	important for generating keys.

	so we have to pick either of them:
	- supply rnd(4), make RSA/DH key generator happy, and
	  make ssh/sshd happy
	- ship a kernel without rnd(4), make RSA/DH key generator to choke,
	  and effectively kill ssh/sshd

itojun