RE: Apache/2.1.0-dev, mod_ssl and insufficient entry
So did changing it from "egc.pl" to "egd.pl" solve your "insufficient entropy" error ??? -tony -Original Message- From: J. W. Ballantine [mailto:[EMAIL PROTECTED] Sent: Thursday, June 19, 2003 8:06 AM To: [EMAIL PROTECTED] Subject: Re: Apache/2.1.0-dev, mod_ssl and insufficient entry Yes, that is the name of the perl script that reads from the pool for seed generation. -- In Response to your message - > Date: Thu, 19 Jun 2003 07:47:05 -0700 > To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]> > From: "Bennett, Tony - CNF" <[EMAIL PROTECTED]> > Subject: RE: Apache/2.1.0-dev, mod_ssl and insufficient entry > > JW, > > Do you really mean "/usr/local/add-on/egd/bin/egd.pl" > ^ > -tony > > > > -Original Message- > From: J. W. Ballantine [mailto:[EMAIL PROTECTED] > Sent: Thursday, June 19, 2003 6:37 AM > To: [EMAIL PROTECTED] > Subject: Apache/2.1.0-dev, mod_ssl and insufficient entry > > > I tried this question with users and was directed here. If that is > wrong, please let me know. Thanks > > > > > I'm trying to start Apache/2.1.0-dev with mod_ssl enabled and all I > keep getting is the dreaded: > > [Wed Jun 18 15:31:59 2003] [warn] Init: PRNG still contains > insufficient > entropy! > [Wed Jun 18 15:31:59 2003] [error] Init: Failed to generate temporary 512 > bit > RSA private key > Configuration Failed > > I understand that this is controlled by SSLRandomSeed in the > httpd.conf file, and I've tried the following pairs to generate > enough entropy: > > SSLRandomSeed startup exec:`/usr/local/add-on/egd/bin/egc.pl > /etc/local/openssh/egd-pool` > SSLRandomSeed connect exec:`/usr/local/add-on/egd/bin/egc.pl > /etc/local/openssh/egd-pool` > > SSLRandomSeed startup egd:/etc/local/openssh/egd-pool SSLRandomSeed > connect egd:/etc/local/openssh/egd-pool > > SSLRandomSeed startup file:/etc/local/openssh/httpd_ssl.seed > SSLRandomSeed connect file:/etc/local/openssh/httpd_ssl.seed > > > SSLRandomSeed startup builtin > SSLRandomSeed connect builtin > > where /etc/local/openssh/httpd_ssl.seed was created by: > /usr/local/add-on/egd/bin/egc.pl /etc/local/openssh/egd-pool read 255 > and /etc/local/openssh/egd-pool is the socket from egd.pl ( which > works fine with pnrgd for opensshd ). > > Any thoughts/pointers will be greatly appreciated. > > The cvs date is 20030612 and other info on httpd are: > > Server version: Apache/2.1.0-dev > Server built: Jun 12 2003 12:14:31 > Server version: Apache/2.1.0-dev > Server built: Jun 12 2003 12:14:31 > Server's Module Magic Number: 20030213:1 > Architecture: 32-bit > Server compiled with > -D APACHE_MPM_DIR="server/mpm/prefork" > -D APR_HAS_MMAP > -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) > -D APR_USE_PROC_PTHREAD_SERIALIZE > -D APR_USE_PTHREAD_SERIALIZE > -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT > -D APR_HAS_OTHER_CHILD > -D AP_HAVE_RELIABLE_PIPED_LOGS > -D HTTPD_ROOT="/local/APACHE/Apache2" > -D SUEXEC_BIN="/local/APACHE/Apache2/bin/suexec" > -D DEFAULT_PIDLOG="logs/httpd.pid" > -D DEFAULT_SCOREBOARD="logs/apache_runtime_status" > -D DEFAULT_LOCKFILE="logs/accept.lock" > -D DEFAULT_ERRORLOG="logs/error_log" > -D AP_TYPES_CONFIG_FILE="conf/mime.types" > -D SERVER_CONFIG_FILE="conf/httpd.conf" > Compiled in modules: >core.c >mod_authn_file.c >mod_authn_default.c >mod_authz_host.c >mod_authz_groupfile.c >mod_authz_user.c >mod_authz_default.c >mod_auth_basic.c >mod_include.c >mod_log_config.c >mod_env.c >mod_setenvif.c >mod_ssl.c >prefork.c >http_core.c >mod_mime.c >mod_status.c >mod_autoindex.c >mod_asis.c >mod_cgi.c >mod_negotiation.c >mod_dir.c >mod_imap.c >mod_actions.c >mod_userdir.c >mod_alias.c >mod_so.c >
Re: Apache/2.1.0-dev, mod_ssl and insufficient entry
Yes, that is the name of the perl script that reads from the pool for seed generation. -- In Response to your message - > Date: Thu, 19 Jun 2003 07:47:05 -0700 > To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]> > From: "Bennett, Tony - CNF" <[EMAIL PROTECTED]> > Subject: RE: Apache/2.1.0-dev, mod_ssl and insufficient entry > > JW, > > Do you really mean "/usr/local/add-on/egd/bin/egd.pl" > ^ > -tony > > > > -Original Message- > From: J. W. Ballantine [mailto:[EMAIL PROTECTED] > Sent: Thursday, June 19, 2003 6:37 AM > To: [EMAIL PROTECTED] > Subject: Apache/2.1.0-dev, mod_ssl and insufficient entry > > > I tried this question with users and was directed here. If that is wrong, > please let me know. Thanks > > > > > I'm trying to start Apache/2.1.0-dev with mod_ssl enabled and all I keep > getting is the dreaded: > > [Wed Jun 18 15:31:59 2003] [warn] Init: PRNG still contains insufficient > entropy! > [Wed Jun 18 15:31:59 2003] [error] Init: Failed to generate temporary 512 > bit > RSA private key > Configuration Failed > > I understand that this is controlled by SSLRandomSeed in the httpd.conf > file, and I've tried the following pairs to generate enough entropy: > > SSLRandomSeed startup exec:`/usr/local/add-on/egd/bin/egc.pl > /etc/local/openssh/egd-pool` > SSLRandomSeed connect exec:`/usr/local/add-on/egd/bin/egc.pl > /etc/local/openssh/egd-pool` > > SSLRandomSeed startup egd:/etc/local/openssh/egd-pool SSLRandomSeed connect > egd:/etc/local/openssh/egd-pool > > SSLRandomSeed startup file:/etc/local/openssh/httpd_ssl.seed > SSLRandomSeed connect file:/etc/local/openssh/httpd_ssl.seed > > > SSLRandomSeed startup builtin > SSLRandomSeed connect builtin > > where /etc/local/openssh/httpd_ssl.seed was created by: > /usr/local/add-on/egd/bin/egc.pl /etc/local/openssh/egd-pool read 255 and > /etc/local/openssh/egd-pool is the socket from egd.pl ( which works fine > with pnrgd for opensshd ). > > Any thoughts/pointers will be greatly appreciated. > > The cvs date is 20030612 and other info on httpd are: > > Server version: Apache/2.1.0-dev > Server built: Jun 12 2003 12:14:31 > Server version: Apache/2.1.0-dev > Server built: Jun 12 2003 12:14:31 > Server's Module Magic Number: 20030213:1 > Architecture: 32-bit > Server compiled with > -D APACHE_MPM_DIR="server/mpm/prefork" > -D APR_HAS_MMAP > -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) > -D APR_USE_PROC_PTHREAD_SERIALIZE > -D APR_USE_PTHREAD_SERIALIZE > -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT > -D APR_HAS_OTHER_CHILD > -D AP_HAVE_RELIABLE_PIPED_LOGS > -D HTTPD_ROOT="/local/APACHE/Apache2" > -D SUEXEC_BIN="/local/APACHE/Apache2/bin/suexec" > -D DEFAULT_PIDLOG="logs/httpd.pid" > -D DEFAULT_SCOREBOARD="logs/apache_runtime_status" > -D DEFAULT_LOCKFILE="logs/accept.lock" > -D DEFAULT_ERRORLOG="logs/error_log" > -D AP_TYPES_CONFIG_FILE="conf/mime.types" > -D SERVER_CONFIG_FILE="conf/httpd.conf" > Compiled in modules: >core.c >mod_authn_file.c >mod_authn_default.c >mod_authz_host.c >mod_authz_groupfile.c >mod_authz_user.c >mod_authz_default.c >mod_auth_basic.c >mod_include.c >mod_log_config.c >mod_env.c >mod_setenvif.c >mod_ssl.c >prefork.c >http_core.c >mod_mime.c >mod_status.c >mod_autoindex.c >mod_asis.c >mod_cgi.c >mod_negotiation.c >mod_dir.c >mod_imap.c >mod_actions.c >mod_userdir.c >mod_alias.c >mod_so.c >
RE: Apache/2.1.0-dev, mod_ssl and insufficient entry
JW, Do you really mean "/usr/local/add-on/egd/bin/egd.pl" ^ -tony -Original Message- From: J. W. Ballantine [mailto:[EMAIL PROTECTED] Sent: Thursday, June 19, 2003 6:37 AM To: [EMAIL PROTECTED] Subject: Apache/2.1.0-dev, mod_ssl and insufficient entry I tried this question with users and was directed here. If that is wrong, please let me know. Thanks I'm trying to start Apache/2.1.0-dev with mod_ssl enabled and all I keep getting is the dreaded: [Wed Jun 18 15:31:59 2003] [warn] Init: PRNG still contains insufficient entropy! [Wed Jun 18 15:31:59 2003] [error] Init: Failed to generate temporary 512 bit RSA private key Configuration Failed I understand that this is controlled by SSLRandomSeed in the httpd.conf file, and I've tried the following pairs to generate enough entropy: SSLRandomSeed startup exec:`/usr/local/add-on/egd/bin/egc.pl /etc/local/openssh/egd-pool` SSLRandomSeed connect exec:`/usr/local/add-on/egd/bin/egc.pl /etc/local/openssh/egd-pool` SSLRandomSeed startup egd:/etc/local/openssh/egd-pool SSLRandomSeed connect egd:/etc/local/openssh/egd-pool SSLRandomSeed startup file:/etc/local/openssh/httpd_ssl.seed SSLRandomSeed connect file:/etc/local/openssh/httpd_ssl.seed SSLRandomSeed startup builtin SSLRandomSeed connect builtin where /etc/local/openssh/httpd_ssl.seed was created by: /usr/local/add-on/egd/bin/egc.pl /etc/local/openssh/egd-pool read 255 and /etc/local/openssh/egd-pool is the socket from egd.pl ( which works fine with pnrgd for opensshd ). Any thoughts/pointers will be greatly appreciated. The cvs date is 20030612 and other info on httpd are: Server version: Apache/2.1.0-dev Server built: Jun 12 2003 12:14:31 Server version: Apache/2.1.0-dev Server built: Jun 12 2003 12:14:31 Server's Module Magic Number: 20030213:1 Architecture: 32-bit Server compiled with -D APACHE_MPM_DIR="server/mpm/prefork" -D APR_HAS_MMAP -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) -D APR_USE_PROC_PTHREAD_SERIALIZE -D APR_USE_PTHREAD_SERIALIZE -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPED_LOGS -D HTTPD_ROOT="/local/APACHE/Apache2" -D SUEXEC_BIN="/local/APACHE/Apache2/bin/suexec" -D DEFAULT_PIDLOG="logs/httpd.pid" -D DEFAULT_SCOREBOARD="logs/apache_runtime_status" -D DEFAULT_LOCKFILE="logs/accept.lock" -D DEFAULT_ERRORLOG="logs/error_log" -D AP_TYPES_CONFIG_FILE="conf/mime.types" -D SERVER_CONFIG_FILE="conf/httpd.conf" Compiled in modules: core.c mod_authn_file.c mod_authn_default.c mod_authz_host.c mod_authz_groupfile.c mod_authz_user.c mod_authz_default.c mod_auth_basic.c mod_include.c mod_log_config.c mod_env.c mod_setenvif.c mod_ssl.c prefork.c http_core.c mod_mime.c mod_status.c mod_autoindex.c mod_asis.c mod_cgi.c mod_negotiation.c mod_dir.c mod_imap.c mod_actions.c mod_userdir.c mod_alias.c mod_so.c
Re: Apache 2.1.0
At 06:54 PM 3/16/2003, Dave wrote: >When are we going to start seeing httpd 2.1.x releases? httpd 2.0.x releases were >coming out about two years before a GA release. What is the plan for 2.1.x >functionality? We will have no 2.1.x-gold releases, the 2.1-dev tree is (by definition) -beta. So we should get busting on a 2.1.0-beta pretty soon here :-) But don't look for it before we've let 2.0.45 fly this week, and get a few days feedback about any possible regressions (none, we hope!) :-) We should still follow the -alpha then -beta convention, where we first identify the release as -alpha just to check that the packaging and such are goodness before the majority of the community grabs the package. >Just interested! I would like to use mod_dav_lock. Cool! We need early adopters :-) We hope that most module authors will begin working with the 2.1-dev tree long before 2.1 is released, especially requesting changes that we can't make to 2.0 without breaking compatibility, but that would greatly simplify, speed up or otherwise improve their modules. It will be strongly 'supported' - in the sense that we want to lick bugs. But it will be a moving target - we *want* to break the API in any way that will benefit the httpd 2.2 server once it is released. Really, 2.2.0-gold will be the first 'release' of the 2.1-dev efforts. One, we expect the changes will be much less substantial than 1.3->2.0 were. And 2.1-dev isn't and 2.2 won't be binary compatible with 2.0 modules. But if we've accomplished our goals, all 2.2 releases will be binary compatible with one another (at least forward compatible, e.g. 2.2.3 module that uses a brand new feature should work with 2.2.3 or later, and a module authored to the 2.2.0 API should be compatible with all 2.2 releases.) Bill
