Re: ssh, /dev/urandom
> I think that we can all accept that there are currently a variety of
> security holes in the Hurd. The type of security holes which would be
> introduced by using bad random data, however, is far worse as it has
> the potential to allow an attacker to obtain access to systems that
> are ssh'ed to from the Hurd.
Really? So you think that using telnet to get to those systems will
be more secure?
More secure in the sense that the user knows that it has no security,
which the user does not know if she uses Open SSH + crappy random
bits.
Reply to:
- References:
- Re: K1 images - final report?
- From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: K1 images - final report?
- From: kilobug@freesurf.fr (Gaël Le Mignot)
- Re: K1 images - final report?
- From: "Alfred M. Szmidt" <ams@kemisten.nu>
- ssh, /dev/urandom (was: Re: K1 images - final report?)
- From: Budi Rahardjo <budi@research.indocisc.com>
- Re: ssh, /dev/urandom (was: Re: K1 images - final report?)
- From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: ssh, /dev/urandom (was: Re: K1 images - final report?)
- From: pancake <sergipop@mx3.redestb.es>
- Re: ssh, /dev/urandom (was: Re: K1 images - final report?)
- From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: ssh, /dev/urandom
- From: kilobug@freesurf.fr (Gaël Le Mignot)
- Re: ssh, /dev/urandom
- From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: ssh, /dev/urandom
- From: tb@becket.net (Thomas Bushnell, BSG)
- Re: ssh, /dev/urandom
- From: Jeff Bailey <jbailey@nisa.net>
- Re: ssh, /dev/urandom
- From: tb@becket.net (Thomas Bushnell, BSG)
- Re: ssh, /dev/urandom
- From: neal@cs.uml.edu (Neal H. Walfield)
- Re: ssh, /dev/urandom
- From: kilobug@freesurf.fr (Gaël Le Mignot)
- Re: ssh, /dev/urandom
- From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: ssh, /dev/urandom
- From: tb@becket.net (Thomas Bushnell, BSG)
- Re: ssh, /dev/urandom
- From: neal@cs.uml.edu (Neal H. Walfield)
- Re: ssh, /dev/urandom
- From: tb@becket.net (Thomas Bushnell, BSG)