Re: ssh, /dev/urandom

To: neal@cs.uml.edu (Neal H. Walfield)
Cc: "BSG)"@murphy.debian.org, "Alfred M. Szmidt" <ams@kemisten.nu>, kilobug@freesurf.fr, jbailey@nisa.net, sergipop@mx3.redestb.es, debian-hurd@lists.debian.org
Subject: Re: ssh, /dev/urandom
From: tb@becket.net (Thomas Bushnell, BSG)
Date: 19 Dec 2002 11:53:08 -0800
Message-id: <[🔎] 87fzstyee3.fsf@becket.becket.net>
In-reply-to: <[🔎] 87wum79etj.fsf@bassanio.walfield.org>
References: <[🔎] E18NwLs-0003fU-00@lgh163a.kemisten.nu> <[🔎] plopm3lm2qc6b1.fsf@drizzt.dyndns.org> <[🔎] E18O0CD-0003pc-00@lgh163a.kemisten.nu> <[🔎] 20021217013456.GA30498@research.indocisc.com> <[🔎] E18OG7n-0004PK-00@lgh163a.kemisten.nu> <[🔎] 20021217153627.A15894@l2.ponznet.net> <[🔎] E18OKGC-0004WP-00@lgh163a.kemisten.nu> <[🔎] plopm3el8g4nec.fsf@drizzt.dyndns.org> <[🔎] E18OKyM-0004Xr-00@lgh163a.kemisten.nu> <[🔎] 87k7i8xy4o.fsf@becket.becket.net> <[🔎] 20021217193421.GB26396@nisa.net> <[🔎] 873cowxq19.fsf@becket.becket.net> <[🔎] 87el8gw846.fsf@bassanio.walfield.org> <[🔎] plopm3hedc6w2e.fsf@drizzt.dyndns.org> <[🔎] E18OS35-0004oC-00@lgh163a.kemisten.nu> <[🔎] 87bs3jgqln.fsf@becket.becket.net> <[🔎] 87wum79etj.fsf@bassanio.walfield.org>

neal@cs.uml.edu (Neal H. Walfield) writes:

> > > Why do I feel like repeating this old mantra: Bad security is worse
> > > than no security.
> > 
> > Sez you.  Many disagree.  Especially for a system in development, with
> > already has bad security.
> 
> I think that we can all accept that there are currently a variety of
> security holes in the Hurd.  The type of security holes which would be
> introduced by using bad random data, however, is far worse as it has
> the potential to allow an attacker to obtain access to systems that
> are ssh'ed to from the Hurd.

Really?  So you think that using telnet to get to those systems will
be more secure?

Reply to:

Follow-Ups:
- Re: ssh, /dev/urandom
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>

References:
- Re: K1 images - final report?
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: K1 images - final report?
  - From: kilobug@freesurf.fr (Gaël Le Mignot)
- Re: K1 images - final report?
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>
- ssh, /dev/urandom (was: Re: K1 images - final report?)
  - From: Budi Rahardjo <budi@research.indocisc.com>
- Re: ssh, /dev/urandom (was: Re: K1 images - final report?)
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: ssh, /dev/urandom (was: Re: K1 images - final report?)
  - From: pancake <sergipop@mx3.redestb.es>
- Re: ssh, /dev/urandom (was: Re: K1 images - final report?)
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: ssh, /dev/urandom
  - From: kilobug@freesurf.fr (Gaël Le Mignot)
- Re: ssh, /dev/urandom
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: ssh, /dev/urandom
  - From: tb@becket.net (Thomas Bushnell, BSG)
- Re: ssh, /dev/urandom
  - From: Jeff Bailey <jbailey@nisa.net>
- Re: ssh, /dev/urandom
  - From: tb@becket.net (Thomas Bushnell, BSG)
- Re: ssh, /dev/urandom
  - From: neal@cs.uml.edu (Neal H. Walfield)
- Re: ssh, /dev/urandom
  - From: kilobug@freesurf.fr (Gaël Le Mignot)
- Re: ssh, /dev/urandom
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: ssh, /dev/urandom
  - From: tb@becket.net (Thomas Bushnell, BSG)
- Re: ssh, /dev/urandom
  - From: neal@cs.uml.edu (Neal H. Walfield)

Prev by Date: Re: ssh, /dev/urandom
Next by Date: Re: ssh, /dev/urandom
Previous by thread: Re: ssh, /dev/urandom
Next by thread: Re: ssh, /dev/urandom
Index(es):
- Date
- Thread