Re: [6.0_BETA] cprng xxx: WARNING insufficient entropy at creation.

[Thor Lancelot Simon <tls%panix.com@localhost>]

On Sat, Feb 25, 2012 at 02:08:49PM -0500, Thor Lancelot Simon wrote:
> On Sat, Feb 25, 2012 at 07:54:41PM +0100, Martin Husemann wrote:
> > 
> > What I am still wondering is: is this a local setup problem, unavoidable
> > on this hardware, or a bug in the code?
> 
> Well, one worthwhile question is why sshd would be opening
> /dev/urandom over and over again rather than opening once and
> reading many times.  If it opened it once, it would not deplete
> your system's entropy in this manner.

It's arc4_stir() in libc, I believe.  I'll fix.

OpenSSH is still doing some fairly dubious things like feeding the
output of arc4random() to OpenSSL's RAND_seed().  Not so sure what
to do about that one.

Thor