From: "June Carey"
To: bugs@openbsd.org
Cc: bugs@freebsd.org
Subject: ssh key-gen
Date: Tue, 02 Oct 2001 12:06:56 +0000

Hi.

When I first installed OpenBSD-2.9/i386, I noticed that when it booted up the first time it created "some keys". I think I saw the word DSA. I also think I saw it generating an ssh-key.

My point is this:

Presumably the key-generation uses the /dev/random devices, since there isn't anywhere else it can get "random" data from, that I know of. In which case, surely this is a security problem, since the system and /dev/random devices won't have collected enough entropy to generate "truly random" data/numbers.

Cheers,
Robin Carey.

PS I saw FreeBSD-4.3 do the same thing when it booted for the first time, after installation.