From owner-freebsd-security@FreeBSD.ORG Wed Aug 9 15:18:06 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7ABA516A4DA for ; Wed, 9 Aug 2006 15:18:06 +0000 (UTC) (envelope-from arne_woerner@yahoo.com) Received: from web30304.mail.mud.yahoo.com (web30304.mail.mud.yahoo.com [209.191.69.66]) by mx1.FreeBSD.org (Postfix) with SMTP id 5974343D97 for ; Wed, 9 Aug 2006 15:17:46 +0000 (GMT) (envelope-from arne_woerner@yahoo.com) Received: (qmail 81658 invoked by uid 60001); 9 Aug 2006 15:17:45 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=CExpF9/5cdmisoJIBV0X/nbk3vXsPkSvWLQKFz7qyJFGRDbWStvrZNsvS+HRpgXCnQjR54ALN0Kvvgddzea7jlgKIUATx52j8hA6a5eCossdK5I1slcYPCq7SZaEYjmOh4q9f1/H2PUxuC0yrdzyR/h7TrnXnbfLOyZcI+gfZGY= ; Message-ID: <20060809151745.81656.qmail@web30304.mail.mud.yahoo.com> Received: from [213.54.65.30] by web30304.mail.mud.yahoo.com via HTTP; Wed, 09 Aug 2006 08:17:45 PDT Date: Wed, 9 Aug 2006 08:17:45 -0700 (PDT) From: "R. B. Riddick" To: fwaggle , Brooks Davis In-Reply-To: <44D9E348.3060604@hungryhacker.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Cc: freebsd-security@freebsd.org Subject: Re: seeding dev/random in 5.5 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Aug 2006 15:18:06 -0000 --- fwaggle wrote: > i have a question. perhaps i'm misunderstanding something with how SSH > works, but how would having a "standard freebsd private key" benefit > anyone? if you wanted to impersonate a newly installed freebsd machine, > then all you'd need is that freely-available private key. plus you'd get > a bunch of clueless admins who had their machines installed by a > dedicated server provider, and who'd never change their host key, which > would effectively ruin SSH for their purposes. > Hmm... I was refering to the special problem of the beginner of this thread... As far as I understood him, he creates very special CDs, that are copied to the to-be-updated-box, that is buried very deeply in a computing centre. Those CDs may contain his special install-host-key without the problems u describe... > unless i've seriously missed the boat somewhere (it's happened before!) > i think a better solution would still be random key generation with a > nice little option to email the key signature somewhere that the new > admin could pick it up. it's still fraught with impersonation danger for > the paranoid, but imo it's a better idea than having a not-so-private > key on install. > Hmm... But then he would have the problem with a more complicated operation procedure, which has to be translated into hollandish-language (which is astonishingly quite similar to Africaans)... -Arne __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com