Re: ssh, /dev/urandom

To: Hubert Chan <hubert@uhoreg.ca>
Cc: debian-hurd@lists.debian.org
Subject: Re: ssh, /dev/urandom
From: Philip Charles <philipc@copyleft.co.nz>
Date: Wed, 18 Dec 2002 16:49:34 +1300 (NZDT)
Message-id: <[🔎] Pine.LNX.4.44.0212181648370.13111-100000@stephen.copyleft.co.nz>
In-reply-to: <[🔎] 87vg1sdq8u.fsf@labatt.uhoreg.ca>

On Tue, 17 Dec 2002, Hubert Chan wrote:

> Philip> 2.  Does ssh only use urandom once, that is to generate keys while it is
> Philip> configuring?  Again I have assumed yes.
>
> I don't think the public/private key (i.e. host key) generation is much
> of an issue, since one should be able to generate these on a different
> machine with a good random number source, and copy them over.
>
> But ssh needs to generate a session key.  Since public key crypto is
> slower than symmetric crypto, ssh only uses the host key to send a
> session key, which is used to do symmetric crypto.  I don't know the
> *exact* details, but that's the general idea, and it's used in pretty
> much all public key crypto systems, or at least in the ones made by
> people who know what they're doing.

Thanks.  Helpful.

Phil.

--
  Philip Charles; 39a Paterson Street, Abbotsford, Dunedin, New Zealand
   +64 3 488 2818        Fax +64 3 488 2875        Mobile 025 267 9420
     philipc@copyleft.co.nz - preferred.          philipc@debian.org
     I sell GNU/Linux & GNU/Hurd CDs.   See http://www.copyleft.co.nz

Reply to:

References:
- Re: ssh, /dev/urandom
  - From: Hubert Chan <hubert@uhoreg.ca>

Prev by Date: Re: ssh, /dev/urandom
Next by Date: Re: ssh, /dev/urandom
Previous by thread: Re: ssh, /dev/urandom
Next by thread: Re: ssh, /dev/urandom
Index(es):
- Date
- Thread