Re: ssltelnet *very* slow on a 486...
--On Tue, May 12, 1998 9:26 am -0500 "Nathan E Norman" <finn@midco.net>
wrote:
> On Tue, 12 May 1998, Jules Bean wrote:
>
> : Hi there...
>
> [ snip ]
>
> : Now, on the Pentium, everything runs nicely. On the 486, it can take
> : 10-15 *minutes* to complete an ssl-telnet connection. It gets as far as
> :
> : njm25# telnet blueberry.jellybean.co.uk
> : Trying 194.88.75.31...
> : Connected to blueberry.jellybean.co.uk.
> : Escape character is '^]'.
> : Generating temp (512 bit) RSA key ...
> :
> : And hangs there for a good 10-15 minutes (I haven't timed it ;-)
OK.
I've straced it (strace is about the coolest bug finder ever;) using strace
-f -p on inetd.
The problem is a blocking read on /dev/random.
So I read random(4). Very interesting. Very clever. So there are two
conclusions:
1) There isn't enough entropy around, and therefor ssltelnetd should use
/dev/urandom.
2) My kernel has a rather limited /dev/random entropy pool, for some reason.
No, I'm only on 2.0.30, so I am now upgrading to 2.0.33, to see if that
helps. I can't see why my entropy would be low - the machine's on a BNC
network, and if that doesn't provide entropy, nothing will...
Jules
/----------------+-------------------------------+---------------------\
| Jelibean aka | jules@jellybean.co.uk | 6 Evelyn Rd |
| Jules aka | | Richmond, Surrey |
| Julian Bean | jmlb2@hermes.cam.ac.uk | TW9 2TF *UK* |
+----------------+-------------------------------+---------------------+
| War doesn't demonstrate who's right... just who's left. |
| When privacy is outlawed... only the outlaws have privacy. |
\----------------------------------------------------------------------/
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: