From owner-freebsd-hackers@FreeBSD.ORG Thu Sep 29 18:14:15 2005 Return-Path: X-Original-To: freebsd-hackers@freebsd.org Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E37A516A41F for ; Thu, 29 Sep 2005 18:14:15 +0000 (GMT) (envelope-from kris@obsecurity.org) Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by mx1.FreeBSD.org (Postfix) with ESMTP id A468C43D48 for ; Thu, 29 Sep 2005 18:14:15 +0000 (GMT) (envelope-from kris@obsecurity.org) Received: from obsecurity.dyndns.org (CPE0050040655c8-CM00111ae02aac.cpe.net.cable.rogers.com [70.30.70.180]) by elvis.mu.org (Postfix) with ESMTP id 834861A3C1F; Thu, 29 Sep 2005 11:14:15 -0700 (PDT) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id EA762513C1; Thu, 29 Sep 2005 14:14:13 -0400 (EDT) Date: Thu, 29 Sep 2005 14:14:13 -0400 From: Kris Kennaway To: Brian Reichert Message-ID: <20050929181413.GA87227@xor.obsecurity.org> References: <20050929181055.GF74605@numachi.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="WIyZ46R2i8wDzkSu" Content-Disposition: inline In-Reply-To: <20050929181055.GF74605@numachi.com> User-Agent: Mutt/1.4.2.1i Cc: freebsd-hackers@freebsd.org Subject: Re: anyone using security/dropbear? X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Sep 2005 18:14:16 -0000 --WIyZ46R2i8wDzkSu Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Sep 29, 2005 at 02:10:55PM -0400, Brian Reichert wrote: > I've tried using the dropbear client (0.46), built both from source and > ports, and consistently get this message: >=20 > dbclient: Warning: Reading the random source seems to have blocked. > If you experience problems, you probably need to find a better entropy > source. >=20 > Googling for this diagnostic yields essentially no info, so I don't > know if there's something weird about my FBSD install (4.11-R). >=20 > Has anyone seen this before, or have any advice on the matter? Check the source.. is it using /dev/urandom (which never blocks), or /dev/random (which I still don't think blocks, but may return short reads). Either way, it sounds like some level of application bug...it probably should be using the former source, but even if it's not, it shouldn't be blocking. Kris --WIyZ46R2i8wDzkSu Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDPC71Wry0BWjoQKURAlMoAJ9M6Cfo3lvrlMpF/lE8rfhXZqH5rQCfa/Z4 cMsWmwDtqpHrYaKPMwYYkYM= =NVtY -----END PGP SIGNATURE----- --WIyZ46R2i8wDzkSu--