Date: Tue, 02 Oct 2001 12:06:56 +0000 From: "June Carey" <carey_june@hotmail.com> To: bugs@openbsd.org Cc: bugs@freebsd.org Subject: ssh key-gen Message-ID: <F2234LVzLGw6Yj9x8B70000de5e@hotmail.com>
index | next in thread | raw e-mail
Hi. When I first installed OpenBSD-2.9/i386, I noticed that when it booted up the first time it created "some keys". I think I saw the word DSA. I also think I saw it generating a ssh-key. My point is this: Presumably the gey-generation uses the /dev/random devices, since there isn't anywhere else it can get "random" data from, that I know of. In which case, surely this is a security problem, since the system and /dev/random devices won't have collected enough entropy to generate "truely random" data/numbers. Cheers, Robin Carey. PS I saw FreeBSD-4.3 do the same thing when it booted for the first time, after installation. _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the messagehome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F2234LVzLGw6Yj9x8B70000de5e>