HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

Couldn't connect to PRNGD socket "/dev/egd-pool": Connection refused

 
R.SRIDHAR
Occasional Advisor

Couldn't connect to PRNGD socket "/dev/egd-pool": Connection refused

When i tried to ssh form a particular account i am getting the following error

==========================
[tibtst2: /home/tibco]$ ssh tibprd3
Couldn't connect to PRNGD socket "/dev/egd-pool": Connection refused
Entropy collection failed
ssh-rand-helper child produced insufficient data
========================
Kindly help me to solve this..
1 REPLY
Matti_Kurkela
Honored Contributor

Re: Couldn't connect to PRNGD socket "/dev/egd-pool": Connection refused

Your tibtst2 machine apparently does not have /dev/random, so you're probably running HP-UX 11.11 or older.

Therefore, your ssh client had to use "ssh-rand-helper" to try to gather enough random numbers for initializing the SSH session keys. "ssh-rand-helper" is a shell script that attempts to use various sources to get random numbers. It is a last resort, to be used only if better alternatives are not available.

Your SSH client apparently isn't the current HP Secure Shell. On some Unix-like operating systems, /dev/egd-pool is the standard location for PRNGD socket, but on HP-UX, the socket is more often found in /var/run/egd-pool.

Prngd is included with HP's OpenSSL packages, and it is automatically used if the OS does not have /dev/random and /dev/urandom. When it starts (normally when the system boots), it automatically creates the egd-pool socket.

Please read:
http://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=OPENSSL11I

If you have a non-HP prngd installed, try restarting it.

HP has a free optional product (a kernel module) for HP-UX 11.11 that provides /dev/random and /dev/urandom and eliminates the need for prngd:
http://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=KRNG11I

For 11.23 and newer, the same functionality is included in HP-UX as standard.

Installing the KRNG11i product requires a system reboot, but I'd really recommend installing it for all 11.11 systems where ssh and/or OpenSSL is used a lot. Because the KRNG11i works at the kernel level, it can produce random numbers faster and more reliably than userspace solutions like prngd and ssh-rand-helper.

If your system is running HP-UX 11.00, you might consider this:
http://www.josvisser.nl/hpux11-random/

MK
MK