Security
cancel
Showing results for 
Search instead for 
Did you mean: 

OpenSSH ssh-keygen problems tru64 4.0f

Martin Harte
Occasional Contributor

OpenSSH ssh-keygen problems tru64 4.0f

Hey,
Having lots of problems getting openssh working on tru64 4.0f.
It compiles without any trouble but when I run ssh-keygen I have problems

root@alpha2: /home/hartem# ssh-keygen -t rsa
Generating public/private rsa key pair.

It just sits there.

trace reveals it's repeatedly doing the following:
..
getpid () = 1448
getpid () = 1448
gettimeofday (0x11fffad58, 0x0) = 0, [ {1087377421, 299228}, {} ]
getpid () = 1448
getpid () = 1448
gettimeofday (0x11fffae38, 0x0) = 0, [ {1087377421, 340243}, {} ]
getpid () = 1448
getpid () = 1448
gettimeofday (0x11fffad58, 0x0) = 0, [ {1087377421, 357821}, {} ]
getpid () = 1448
getpid () = 1448
..


So it's trying to gather random data but not being able to find enough of the stuff?
I'm running prngd and have compiled openssh to make use of this.

I've left ssh-keygen running over night to no avail, so it's not just a question of the machine being slow.

I run into some difficulties with openssl aswell which is also using the prngd socket.

root@alpha2: /home/hartem# openssl genrsa
Generating RSA private key, 512 bit long modulus
..............................................................................................................

and it just keeps going forever.

openssh-3.7.1p2/key.c
private = RSA_generate_key(bits, 35, NULL, NULL);


RSA_generate_key() from libcrypto, is what openssl and openssh are calling.

I still think that the problem is that, for whatever reason, there isn't enough randomness on the system, despite using prngd.

The same thing happens when doing ssh-keygen -t DSA.

Any ideas or suggestions would be much appreciated.

Thanks,

Martin Harte
3 REPLIES
Ralf Puchner
Honored Contributor

Re: OpenSSH ssh-keygen problems tru64 4.0f

if using opensource (unsupported) ssh please post question in openssh forum of the vendor.

There is e.g. a short post here:
http://aa11.cjb.net/tru64_unix_managers/2000/06/0287.html

Btw. there is a already compiled ssh version within the internet express kit (IAS) - why not using this version? (unsupported)
Help() { FirstReadManual(urgently); Go_to_it;; }
Martin Harte
Occasional Contributor

Re: OpenSSH ssh-keygen problems tru64 4.0f

It doesn't seem to work on 4.0f unfortunately.
Victor Semaska
Frequent Advisor

Re: OpenSSH ssh-keygen problems tru64 4.0f

We've seen this type of behavior with OpenSSH & V4.0F. It turned out that the random no. generator was using 'netstat -a' which was hanging for a very long time. It was a DNS problem.

You mentioned prngd. Did you install that? You can get the kit at:

http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html

Vic