Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Problems with SSH / telnet
Operating Systems AIX Problems with SSH / telnet Post 302247603 by bakunin on Thursday 16th of October 2008 05:15:03 AM
Old 10-16-2008
Just a question: do you have checked /dev/random? The availability of it is key to secure-layer protocols. It would explain the sshd running wild.

I hope this helps.

bakunin
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

SCO openserver 5.0.6 Telnet Problems

Hi guys, Please bear with me i have a sco 5.0.6 openserver i'm telnet in to it. (via dsl) After 7 minutes it will kick me out of my program. Is there any settings that i need to change in order to stop the time out problem. I dont have any router or hub (dsl modem to nic card ) Also... (6 Replies)
Discussion started by: josramon
6 Replies

2. UNIX for Dummies Questions & Answers

Unix SCO 5.0.6 Telnet Problems

Hello there . I have a unix box 5.0.06 , this is the error (Telnetd: All networks ports in use . Can anyone tellme how to resolve this problem. Thanks a lot . (2 Replies)
Discussion started by: josramon
2 Replies

3. UNIX for Dummies Questions & Answers

Problems with Telnet

Hi everybody I already have installed Linux Red Hat FC4 in two machines into the same net using DHCP in both of them, the network interface are working fine cuz i can surf in Internet in those machines The problem is i need to do a Telnet from one host to the other, the xinetd and telnet... (1 Reply)
Discussion started by: Lestat
1 Replies

4. UNIX for Dummies Questions & Answers

Problems with telnet.

Hi Guys! I'm trying to connect to a regatta IBM (Sun 5.8) from my recently installed Sun Blazer, but I got the following: % telnet regatta Trying 167.164.87.8 Connected to regatta Escape character is '^]' Connection closed by foreign host % Do you have any idea what the problem is?... (2 Replies)
Discussion started by: cordobapablo
2 Replies

5. UNIX for Dummies Questions & Answers

Running Script from Telnet - Problems

...so I read "The Pragmatic Programmer" and they stressed the value of learning shell scripting! I'm in a UNIX environment but have a Windows XP workstation. I'm using Telnet to issue UNIX commands. I've done plenty of chmod's, command line ftp and stuff, but written no scripts to this point.... (1 Reply)
Discussion started by: pauljohn
1 Replies

6. UNIX for Advanced & Expert Users

about ssh and telnet

I amn't advance but i want to learn some commands where here you can help me. i don't learn easy commands but i learn if its good experience and interesting. I want to learn about ssh, telnet and how i can be miff ( i don't speek good english but i hope to understant me) thanks for any help... (1 Reply)
Discussion started by: Kostantinos
1 Replies

7. UNIX for Dummies Questions & Answers

like ssh telnet

I want to learn some commands like ssh, telnet and others where i can be tease. thanks for help... (2 Replies)
Discussion started by: Kostantinos
2 Replies

8. UNIX for Dummies Questions & Answers

Telnet and ssh in a script

dear all, I know that this question has been asked before frequently, but I really don't get it. My question is composed of several ones. First:To telnet through a script, I was told to use the way described below, and it works for me, but i don't understand the syntax here.... (3 Replies)
Discussion started by: marwan
3 Replies

9. Shell Programming and Scripting

TELNET to SSH

Hi All, I was implementing a change of TELNET to SSH connectivity, and finding it tough at a point where I was connecting to another unix server through TELNET. ( ps -ef |grep abcd) | TELNET x.xx.xxx.xx now I when I tried to replace TELNET with SSH, i am not able to connect. ( ps -ef... (1 Reply)
Discussion started by: pranavagarwal
1 Replies

10. Red Hat

networking problems with ftp,telnet, ssh, http

I have following problems with RHEL 5.2 Desktop installation ftp, telnet, ssh and web are not working. Web browser tries to connect to host but eventually fail with timeout. ftp, telnet and ssh simply hung, nothing happens. Basically all protocols will end up in timeout. ping, nslookup and... (2 Replies)
Discussion started by: Kainu
2 Replies

LEARN ABOUT DEBIAN

random

RANDOM(4)						     Linux Programmer's Manual							 RANDOM(4)

NAME

       random, urandom - kernel random number source devices

DESCRIPTION

       The  character  special	files /dev/random and /dev/urandom (present since Linux 1.3.30) provide an interface to the kernel's random number
       generator.  File /dev/random has major device number 1 and minor device number 8.  File /dev/urandom has major device number  1	and  minor
       device number 9.

       The  random  number  generator  gathers environmental noise from device drivers and other sources into an entropy pool.	The generator also
       keeps an estimate of the number of bits of noise in the entropy pool.  From this entropy pool random numbers are created.

       When read, the /dev/random device will only return random bytes within the  estimated  number  of  bits	of  noise  in  the  entropy  pool.
       /dev/random  should  be	suitable for uses that need very high quality randomness such as one-time pad or key generation.  When the entropy
       pool is empty, reads from /dev/random will block until additional environmental noise is gathered.

       A read from the /dev/urandom device will not block waiting for more entropy.  As a result, if  there  is  not  sufficient  entropy  in  the
       entropy	pool,  the returned values are theoretically vulnerable to a cryptographic attack on the algorithms used by the driver.  Knowledge
       of how to do this is not available in the current unclassified literature, but it is theoretically possible that such an attack may  exist.
       If this is a concern in your application, use /dev/random instead.

   Usage
       If  you	are unsure about whether you should use /dev/random or /dev/urandom, then probably you want to use the latter.	As a general rule,
       /dev/urandom should be used for everything except long-lived GPG/SSL/SSH keys.

       If a seed file is saved across reboots as recommended below (all major Linux distributions have done this since 2000 at least), the  output
       is  cryptographically secure against attackers without local root access as soon as it is reloaded in the boot sequence, and perfectly ade-
       quate for network encryption session keys.  Since reads from /dev/random may block, users will usually want to open it in nonblocking  mode
       (or perform a read with timeout), and provide some sort of user notification if the desired entropy is not immediately available.

       The  kernel random-number generator is designed to produce a small amount of high-quality seed material to seed a cryptographic pseudo-ran-
       dom number generator (CPRNG).  It is designed for security, not speed, and is poorly suited to generating large	amounts  of  random  data.
       Users  should  be  very economical in the amount of seed material that they read from /dev/urandom (and /dev/random); unnecessarily reading
       large quantities of data from this device will have a negative impact on other users of the device.

       The amount of seed material required to generate a cryptographic key equals the effective key size of the key.  For example, a 3072-bit RSA
       or  Diffie-Hellman  private key has an effective key size of 128 bits (it requires about 2^128 operations to break) so a key generator only
       needs 128 bits (16 bytes) of seed material from /dev/random.

       While some safety margin above that minimum is reasonable, as a guard against flaws in the  CPRNG  algorithm,  no  cryptographic  primitive
       available  today  can hope to promise more than 256 bits of security, so if any program reads more than 256 bits (32 bytes) from the kernel
       random pool per invocation, or per reasonable reseed interval (not less than one minute), that should be taken as a sign that its  cryptog-
       raphy is not skilfully implemented.

   Configuration
       If your system does not have /dev/random and /dev/urandom created already, they can be created with the following commands:

	   mknod -m 644 /dev/random c 1 8
	   mknod -m 644 /dev/urandom c 1 9
	   chown root:root /dev/random /dev/urandom

       When  a	Linux system starts up without much operator interaction, the entropy pool may be in a fairly predictable state.  This reduces the
       actual amount of noise in the entropy pool below the estimate.  In order to counteract this effect, it helps to carry entropy pool informa-
       tion  across  shut-downs  and start-ups.  To do this, add the following lines to an appropriate script which is run during the Linux system
       start-up sequence:

	   echo "Initializing random number generator..."
	   random_seed=/var/run/random-seed
	   # Carry a random seed from start-up to start-up
	   # Load and then save the whole entropy pool
	   if [ -f $random_seed ]; then
	       cat $random_seed >/dev/urandom
	   else
	       touch $random_seed
	   fi
	   chmod 600 $random_seed
	   poolfile=/proc/sys/kernel/random/poolsize
	   [ -r $poolfile ] && bytes=`cat $poolfile` || bytes=512
	   dd if=/dev/urandom of=$random_seed count=1 bs=$bytes

       Also, add the following lines in an appropriate script which is run during the Linux system shutdown:

	   # Carry a random seed from shut-down to start-up
	   # Save the whole entropy pool
	   echo "Saving random seed..."
	   random_seed=/var/run/random-seed
	   touch $random_seed
	   chmod 600 $random_seed
	   poolfile=/proc/sys/kernel/random/poolsize
	   [ -r $poolfile ] && bytes=`cat $poolfile` || bytes=512
	   dd if=/dev/urandom of=$random_seed count=1 bs=$bytes

   /proc Interface
       The files in the directory /proc/sys/kernel/random (present since 2.3.16) provide an additional interface to the /dev/random device.

       The read-only file entropy_avail gives the available entropy.  Normally, this will be 4096 (bits), a full entropy pool.

       The file poolsize gives the size of the entropy pool.  The semantics of this file vary across kernel versions:

	      Linux 2.4:  This file gives the size of the entropy pool in bytes.  Normally, this file will have the value 512, but it is writable,
			  and  can  be	changed to any value for which an algorithm is available.  The choices are 32, 64, 128, 256, 512, 1024, or
			  2048.

	      Linux 2.6:  This file is read-only, and gives the size of the entropy pool in bits.  It contains the value 4096.

       The file read_wakeup_threshold contains the number of bits of entropy required for waking up processes that sleep waiting for entropy  from
       /dev/random.   The  default is 64.  The file write_wakeup_threshold contains the number of bits of entropy below which we wake up processes
       that do a select(2) or poll(2) for write access to /dev/random.	These values can be changed by writing to the files.

       The read-only files uuid and boot_id contain random strings like 6fd5a44b-35f4-4ad4-a9b9-6b9be13e1fe9.  The former is generated afresh  for
       each read, the latter was generated once.

FILES

       /dev/random
       /dev/urandom

SEE ALSO

       mknod(1)
       RFC 1750, "Randomness Recommendations for Security"

COLOPHON

       This  page is part of release 3.44 of the Linux man-pages project.  A description of the project, and information about reporting bugs, can
       be found at http://www.kernel.org/doc/man-pages/.

Linux								    2010-08-29								 RANDOM(4)
All times are GMT -4. The time now is 06:48 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy