From owner-freebsd-security@FreeBSD.ORG Mon Mar 31 07:19:06 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DEF7437B401 for ; Mon, 31 Mar 2003 07:19:06 -0800 (PST) Received: from dc.cis.okstate.edu (dc.cis.okstate.edu [139.78.100.219]) by mx1.FreeBSD.org (Postfix) with ESMTP id 66C2843F93 for ; Mon, 31 Mar 2003 07:19:06 -0800 (PST) (envelope-from martin@dc.cis.okstate.edu) Received: from dc.cis.okstate.edu (localhost.cis.okstate.edu [127.0.0.1]) by dc.cis.okstate.edu (8.12.6/8.12.6) with ESMTP id h2VFJ55b068082 for ; Mon, 31 Mar 2003 09:19:05 -0600 (CST) (envelope-from martin@dc.cis.okstate.edu) Message-Id: <200303311519.h2VFJ55b068082@dc.cis.okstate.edu> To: freebsd-security@FreeBSD.ORG Date: Mon, 31 Mar 2003 09:19:05 -0600 From: Martin McCormick Subject: Re: How did I Break ssh? Solved. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Mar 2003 15:19:08 -0000 The problem is solved. Sometimes, I have asked questions on this list that later turned out to be a case of not reading the manual and I felt properly embarrassed, etc. Here is what it was and all should pay attention if you aspire to use a tar extraction to build or rebuild a system. I thought of what it might do to /dev, but since the systems all use the same architecture and are all FreeBSD 4.7, I figured that the extraction would essentially be writing the same data back to /dev so it shouldn't matter. That is wrong. Apparently, /dev/random no longer works after it is overwritten although it can appear to. As soon as I did a MAKEDEV std, ssh came to life and is now working as it should. Someone asked me if I had /dev/random which I did, but that got me to thinking which lead me to remake all the standard devices. As far as I know, ssh was the only thing that did not work because of this problem. I would suspect that any cryptographic software or anything else that uses random numbers is effected. The behavior of the system just screamed permissions, but that wasn't it. Other software may fail oddly in other ways.