On Wed, Jan 10, 2001 at 11:18:13AM +0100, Bodo Moeller wrote:
> On Tue, Jan 09, 2001 at 05:45:02PM +0100, [EMAIL PROTECTED] wrote:
>
> > + *) Add automatic query of EGD sockets in RAND_poll() for the unix variant.
> > + If an EGD or PRNGD is running and enough entropy is returned, automatic
> > + seeding like with /dev/[u]random will be performed.
> > + Positions tried are: /etc/entropy, /var/run/egd-pool.
> > + [Lutz Jaenicke]
>
> Is /etc/entropy a standard location for EGD? Otherwise, and maybe
> even if it is, I'd prefer an explicit file name such as /etc/egd-pool
> instead of /etc/entropy. The reason is that, judging from its name,
> /etc/entropy could be about anything (a symlink to /dev/random or
> whatever), but EGD has a very specific interface design; and for those
> who find /etc/{entropy,egd-pool} and are curious what is used for,
> "egd" is a better term for grepping through the documentation or
> searching the web. (It will probably be obvious from the context that
> "egd" does not refer to esophagogastroduodenoscopy, even though the
> querying procedure is similar. And a web search for "egd pool" is
> likely to show up pages that are about the Entropy Gathering Daemon.)
I wholeheartly agree. The /var/run/egd-pool coincides with your understanding
and is my personal location and proposal. /etc/entropy I took from the
README in egd-0.8, where it is explicitly named:
...
HOW TO USE EGD WITH OpenSSH: <http://www.openssh.com>
(thanks to Patrick Gardella)
First, you'll need to configure OpenSSH to use EGD for it's random number
needs. Add "--with-egd-pool=/etc/entropy" to the arguments you give to
./configure.
Second, you need to have the daemon running. EGD listens on unix-domain
socket for entropy requests. When you start egd.pl, you tell it where to
create the socket. It can be anywhere for which you have write
permissions. Common places include, /etc/entropy, /tmp/entropy, etc.
Simply start the daemon as follows:
egd.pl /etc/entropy
Of course, we are free to contact Brian Warner <[EMAIL PROTECTED]> and
ask him to propose a better location.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
