Re: ssh, /dev/urandom

To: "Alfred M. Szmidt" <ams@kemisten.nu>
Cc: neal@cs.uml.edu, kilobug@freesurf.fr, jbailey@nisa.net, sergipop@mx3.redestb.es, debian-hurd@lists.debian.org
Subject: Re: ssh, /dev/urandom
From: tb@becket.net (Thomas Bushnell, BSG)
Date: 19 Dec 2002 12:26:39 -0800
Message-id: <[🔎] 87lm2lwy9s.fsf@becket.becket.net>
In-reply-to: <[🔎] E18P6vU-0000IY-00@lgh163a.kemisten.nu>
References: <[🔎] E18NwLs-0003fU-00@lgh163a.kemisten.nu> <[🔎] plopm3lm2qc6b1.fsf@drizzt.dyndns.org> <[🔎] E18O0CD-0003pc-00@lgh163a.kemisten.nu> <[🔎] 20021217013456.GA30498@research.indocisc.com> <[🔎] E18OG7n-0004PK-00@lgh163a.kemisten.nu> <[🔎] 20021217153627.A15894@l2.ponznet.net> <[🔎] E18OKGC-0004WP-00@lgh163a.kemisten.nu> <[🔎] plopm3el8g4nec.fsf@drizzt.dyndns.org> <[🔎] E18OKyM-0004Xr-00@lgh163a.kemisten.nu> <[🔎] 87k7i8xy4o.fsf@becket.becket.net> <[🔎] 20021217193421.GB26396@nisa.net> <[🔎] 873cowxq19.fsf@becket.becket.net> <[🔎] 87el8gw846.fsf@bassanio.walfield.org> <[🔎] plopm3hedc6w2e.fsf@drizzt.dyndns.org> <[🔎] E18OS35-0004oC-00@lgh163a.kemisten.nu> <[🔎] 87bs3jgqln.fsf@becket.becket.net> <[🔎] 87wum79etj.fsf@bassanio.walfield.org> <[🔎] 87fzstyee3.fsf@becket.becket.net> <[🔎] E18P6vU-0000IY-00@lgh163a.kemisten.nu>

"Alfred M. Szmidt" <ams@kemisten.nu> writes:

>    > I think that we can all accept that there are currently a variety of
>    > security holes in the Hurd.  The type of security holes which would be
>    > introduced by using bad random data, however, is far worse as it has
>    > the potential to allow an attacker to obtain access to systems that
>    > are ssh'ed to from the Hurd.
> 
>    Really?  So you think that using telnet to get to those systems will
>    be more secure?
> 
> More secure in the sense that the user knows that it has no security,
> which the user does not know if she uses Open SSH + crappy random
> bits.

This is, as I already have said multiple times, an excellent reason
for full and clear documentation.  It is not a reason for excluding
the program.

Reply to:

Follow-Ups:
- Re: ssh, /dev/urandom
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>

References:
- Re: K1 images - final report?
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: K1 images - final report?
  - From: kilobug@freesurf.fr (Gaël Le Mignot)
- Re: K1 images - final report?
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>
- ssh, /dev/urandom (was: Re: K1 images - final report?)
  - From: Budi Rahardjo <budi@research.indocisc.com>
- Re: ssh, /dev/urandom (was: Re: K1 images - final report?)
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: ssh, /dev/urandom (was: Re: K1 images - final report?)
  - From: pancake <sergipop@mx3.redestb.es>
- Re: ssh, /dev/urandom (was: Re: K1 images - final report?)
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: ssh, /dev/urandom
  - From: kilobug@freesurf.fr (Gaël Le Mignot)
- Re: ssh, /dev/urandom
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: ssh, /dev/urandom
  - From: tb@becket.net (Thomas Bushnell, BSG)
- Re: ssh, /dev/urandom
  - From: Jeff Bailey <jbailey@nisa.net>
- Re: ssh, /dev/urandom
  - From: tb@becket.net (Thomas Bushnell, BSG)
- Re: ssh, /dev/urandom
  - From: neal@cs.uml.edu (Neal H. Walfield)
- Re: ssh, /dev/urandom
  - From: kilobug@freesurf.fr (Gaël Le Mignot)
- Re: ssh, /dev/urandom
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: ssh, /dev/urandom
  - From: tb@becket.net (Thomas Bushnell, BSG)
- Re: ssh, /dev/urandom
  - From: neal@cs.uml.edu (Neal H. Walfield)
- Re: ssh, /dev/urandom
  - From: tb@becket.net (Thomas Bushnell, BSG)
- Re: ssh, /dev/urandom
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>

Prev by Date: Re: ssh, /dev/urandom
Next by Date: Re: ssh, /dev/urandom
Previous by thread: Re: ssh, /dev/urandom
Next by thread: Re: ssh, /dev/urandom
Index(es):
- Date
- Thread