[MacPorts] #59497: openssh @8.1p1: sshd only works in debug mode
MacPorts
noreply at macports.org
Thu Nov 7 14:07:11 UTC 2019
#59497: openssh @8.1p1: sshd only works in debug mode
-------------------------+----------------------
Reporter: davidfavor | Owner: (none)
Type: defect | Status: reopened
Priority: Normal | Milestone:
Component: ports | Version: 2.6.2
Resolution: | Keywords:
Port: openssh |
-------------------------+----------------------
Comment (by Ionic):
As far as I've seen, it's disabled by default in the OpenSSL upstream
configuration. I didn't find a configure option to even enable it while
quickly grepping the source code, but it looks like passing `--with-rand-
seed=os,rdcpu` (or something similar) would do that. However, the upstream
default is just `os`. Plus, like I said, it would only work on Intel CPUs
AFAIK, but we also have to care for the PowerPC faction. It wouldn't even
help universally, but admittedly in most cases.
I'm also pretty sure that mixing entropy of different qualities actually
degrades the overall quality, but don't quote me on that. :)
And lastly... OpenSSL doesn't really mix them all together. It picks the
first method available and working. The other methods are only tried in
case of errors or if no entropy is coming out any longer.
I'm not saying that you don't have a point, but you'd have to discuss that
with the OpenSSL port maintainers.
--
Ticket URL: <https://trac.macports.org/ticket/59497#comment:15>
MacPorts <https://www.macports.org/>
Ports system for macOS
More information about the macports-tickets
mailing list