Re: ssh, /dev/urandom
"Alfred M. Szmidt" <ams@kemisten.nu> writes:
> > I think that we can all accept that there are currently a variety of
> > security holes in the Hurd. The type of security holes which would be
> > introduced by using bad random data, however, is far worse as it has
> > the potential to allow an attacker to obtain access to systems that
> > are ssh'ed to from the Hurd.
>
> Really? So you think that using telnet to get to those systems will
> be more secure?
>
> More secure in the sense that the user knows that it has no security,
> which the user does not know if she uses Open SSH + crappy random
> bits.
This is, as I already have said multiple times, an excellent reason
for full and clear documentation. It is not a reason for excluding
the program.
Reply to:
- References:
- Re: K1 images - final report?
- From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: K1 images - final report?
- From: kilobug@freesurf.fr (Gaël Le Mignot)
- Re: K1 images - final report?
- From: "Alfred M. Szmidt" <ams@kemisten.nu>
- ssh, /dev/urandom (was: Re: K1 images - final report?)
- From: Budi Rahardjo <budi@research.indocisc.com>
- Re: ssh, /dev/urandom (was: Re: K1 images - final report?)
- From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: ssh, /dev/urandom (was: Re: K1 images - final report?)
- From: pancake <sergipop@mx3.redestb.es>
- Re: ssh, /dev/urandom (was: Re: K1 images - final report?)
- From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: ssh, /dev/urandom
- From: kilobug@freesurf.fr (Gaël Le Mignot)
- Re: ssh, /dev/urandom
- From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: ssh, /dev/urandom
- From: tb@becket.net (Thomas Bushnell, BSG)
- Re: ssh, /dev/urandom
- From: Jeff Bailey <jbailey@nisa.net>
- Re: ssh, /dev/urandom
- From: tb@becket.net (Thomas Bushnell, BSG)
- Re: ssh, /dev/urandom
- From: neal@cs.uml.edu (Neal H. Walfield)
- Re: ssh, /dev/urandom
- From: kilobug@freesurf.fr (Gaël Le Mignot)
- Re: ssh, /dev/urandom
- From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: ssh, /dev/urandom
- From: tb@becket.net (Thomas Bushnell, BSG)
- Re: ssh, /dev/urandom
- From: neal@cs.uml.edu (Neal H. Walfield)
- Re: ssh, /dev/urandom
- From: tb@becket.net (Thomas Bushnell, BSG)
- Re: ssh, /dev/urandom
- From: "Alfred M. Szmidt" <ams@kemisten.nu>