ssh, /dev/urandom (was: Re: K1 images - final report?)

To: debian-hurd@lists.debian.org
Subject: ssh, /dev/urandom (was: Re: K1 images - final report?)
From: Budi Rahardjo <budi@research.indocisc.com>
Date: Tue, 17 Dec 2002 08:34:56 +0700
Message-id: <[🔎] 20021217013456.GA30498@research.indocisc.com>
In-reply-to: <[🔎] E18O0CD-0003pc-00@lgh163a.kemisten.nu>
References: <[🔎] Pine.LNX.4.44.0212160010130.7859-100000@stephen.copyleft.co.nz> <[🔎] 20021215202705.GB1097@aragorn> <[🔎] 20021215221126.A3963@l2.ponznet.net> <[🔎] E18NirN-0003Ib-00@lgh163a.kemisten.nu> <[🔎] plopm33coye2ld.fsf@drizzt.dyndns.org> <[🔎] E18NwLs-0003fU-00@lgh163a.kemisten.nu> <[🔎] plopm3lm2qc6b1.fsf@drizzt.dyndns.org> <[🔎] E18O0CD-0003pc-00@lgh163a.kemisten.nu>

I support the addition of ssh, *even* with a weak random.
The problem is, without ssh ... I would have to resort to telnet.
I have to manage/operate/update our GNU/hurd through network
and I am assuming many are in the same situation.
"Weak" ssh is better than telnet. Having a minimal clothes is
better than naked :-)

Even ssh/ssl had problems, but that doesn't stop people from
using it *right now*. ie. not waiting until it is really ... really ...
realy ... really (well, you get the point) secure.

Just give a warning that current ssh implementation is not that secure.

Ok. If you guys don't want to include ssh in the package,
at least give a pointer how to do it. (Even not so secure.)

Now, what's current best practice? We use this:
   http://kilobug.free.fr/hurd/random-64.tar.gz
Is there a better alternative(s)?


Cheers.
-- budi
--
http://budi.insan.co.id

Reply to:

Follow-Ups:
- Re: ssh, /dev/urandom (was: Re: K1 images - final report?)
  - From: Philip Charles <philipc@copyleft.co.nz>
- Re: ssh, /dev/urandom (was: Re: K1 images - final report?)
  - From: neal@cs.uml.edu (Neal H. Walfield)
- Re: ssh, /dev/urandom (was: Re: K1 images - final report?)
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>

References:
- K1 images - final report?
  - From: Philip Charles <philipc@copyleft.co.nz>
- Re: K1 images - final report?
  - From: Robert Millan <zeratul2@wanadoo.es>
- Re: K1 images - final report?
  - From: pancake <sergipop@mx3.redestb.es>
- Re: K1 images - final report?
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: K1 images - final report?
  - From: kilobug@freesurf.fr (Gaël Le Mignot)
- Re: K1 images - final report?
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: K1 images - final report?
  - From: kilobug@freesurf.fr (Gaël Le Mignot)
- Re: K1 images - final report?
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>

Prev by Date: Re: Induced crashes
Next by Date: Re: Induced crashes
Previous by thread: Re: K1 images - final report?
Next by thread: Re: ssh, /dev/urandom (was: Re: K1 images - final report?)
Index(es):
- Date
- Thread