On Tue, 17 Dec 2002, Budi Rahardjo wrote: > Even ssh/ssl had problems, but that doesn't stop people from > using it *right now*. ie. not waiting until it is really ... really ... > realy ... really (well, you get the point) secure. > > Just give a warning that current ssh implementation is not that secure. > > Ok. If you guys don't want to include ssh in the package, > at least give a pointer how to do it. (Even not so secure.) > > Now, what's current best practice? We use this: > http://kilobug.free.fr/hurd/random-64.tar.gz > Is there a better alternative(s)? >
The warning displayed at the end of total.sh echo "A file needs to be copied to /dev/urandom before ssh will configure" echo "then run <dpkg --configure -a>. Security will be poor unless the file" echo "consists of random material." Phil. -- Philip Charles; 39a Paterson Street, Abbotsford, Dunedin, New Zealand +64 3 488 2818 Fax +64 3 488 2875 Mobile 025 267 9420 [EMAIL PROTECTED] - preferred. [EMAIL PROTECTED] I sell GNU/Linux & GNU/Hurd CDs. See http://www.copyleft.co.nz