openssh / prngd unresolved bug since 2002, need help - openssh


  1. openssh / prngd unresolved bug since 2002, need help

    Hello,

    I apologize if this is the wrong list. It was the list I was directed
    towards. I have reviewed the archives as well as everything I could
    google before posting. Any help is most appreciated:

    We're seeing an error during sftp and ssh connections with consistent
    regularity. It's triggered by a high number of connections coming into
    sftp/ssh at the same time. It affects additional connections and leaves
    the failed connect attempts open for days in a TCP_WAIT state. We're
    seeing the error in the system logs:

    openssh session hanging - prngd[671]: write() in socket_write() failed:
    Broken pipe

    This appears to be an issue that has been an unresolved problem with
    prngd since 2002. Some have attributed the problem to prngd version
    0.9.26 (2004) but we are seeing it with version 0.9.25 (30 May 2002) as
    have others that we've seen on the web.

    The problem appears to be (we are quoting here):

    -- snip --
    When lots of processes query entropy at the same time, the "fairness"
    change introduced in 0.9.25 could lead to clients being only served with
    a delay.
    Reason: in serverloop.c the next client to serve is "i1" as determined from
    i1 = (prev_location + i) % max_query_old;
    The client that actually was served however was "i" instead of "i1".
    If the connection of "i" was not yet ready for "write" state set after
    getting the entropy, it might block.
    This problem has not been reported by any other user, though it might also
    have occurred at other sites.
    Depending on the internal sorting of sockets by fd/slot (number increasing
    in the sequence of accepted connections, closed connections are
    removed from the list), connections might appear locked.
    The entropy served was not provided in the sequence intended. The
    entropy bytes returned via internal buffer however were consistent
    with the connection served (buffer[i]) was filled correctly for
    connection[i]. The problem therefore has no impact on the quality
    of seeding.
    -- snap --

    It appears that the latest version of prngd for sunos is 0.9.25 up
    through solaris 9.

    The sourceforge for prngd (http://sourceforge.net/projects/prngd/) is
    alive but does not appear to be active. I'm going to contact them; has
    anybody else found a reliable solution or a newer version of prngd for
    sunos 5.8 that does not have this issue?

    We have not received any response from the prngd group on sourceforge.

    Thank you in advance for any/all help,
    David

    _______________________________________________
    openssh-unix-dev mailing list
    openssh-unix-dev@mindrot.org
    https://lists.mindrot.org/mailman/li...enssh-unix-dev
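    Added example, not prngd's code and not from this thread: a small C model
    of the serverloop.c selection quoted above, written from the changelog
    text alone. conn_t, serve() and demo() are invented names, the four-slot
    scenario is constructed, and MAX_QUERY stands in for max_query_old.

```c
/* Model of the prngd 0.9.25 "fairness" selection described in the quoted
 * changelog. Not prngd's code: conn_t, serve() and demo() are invented
 * names, and the slot contents are a constructed scenario. */
#include <stdbool.h>
#include <stdio.h>

#define MAX_QUERY 4   /* stands in for max_query_old: number of client slots */

typedef struct {
    bool in_use;       /* slot holds an accepted, not yet closed connection */
    bool write_ready;  /* select() reported this socket writable */
    int  served;       /* entropy replies actually delivered to this slot */
} conn_t;

/* One pass of the server loop. Rotates through the slots starting after
 * prev_location and finds the first slot i1 that select() marked writable.
 * Intended: write the entropy to i1. Buggy (0.9.25): the write goes to
 * slot i, the loop counter, which may be a different connection that is
 * not writable, so the single-threaded daemon blocks on it.
 * Returns the slot written to (-1 if no slot is ready) and sets *blocked
 * when the chosen slot cannot take the write without blocking. */
int serve(conn_t *c, int prev_location, bool buggy, bool *blocked)
{
    *blocked = false;
    for (int i = 0; i < MAX_QUERY; i++) {
        int i1 = (prev_location + i) % MAX_QUERY;
        if (!(c[i1].in_use && c[i1].write_ready))
            continue;                          /* i1 not ready yet */
        int target = buggy ? i : i1;           /* the index mix-up */
        if (c[target].in_use && c[target].write_ready)
            c[target].served++;
        else
            *blocked = true;   /* write() on a socket not ready: blocks/fails */
        return target;
    }
    return -1;
}

/* Constructed scenario: four clients, the last one served was slot 1,
 * slots 0 and 1 are still busy, slots 2 and 3 are ready for their reply. */
int demo(bool buggy, bool *blocked)
{
    conn_t c[MAX_QUERY] = {
        { true, false, 0 }, { true, false, 0 },
        { true, true,  0 }, { true, true,  0 },
    };
    return serve(c, 1, buggy, blocked);
}

int main(void)
{
    bool blocked;
    int slot = demo(false, &blocked);
    printf("intended: served slot %d, blocked=%d\n", slot, (int)blocked);
    slot = demo(true, &blocked);
    printf("buggy:    wrote to slot %d, blocked=%d\n", slot, (int)blocked);
    return 0;
}
```

    The intended path serves slot 2; the buggy path writes to slot 1, which is
    not ready, which is the stall the quoted changelog describes.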


  2. Re: openssh / prngd unresolved bug since 2002, need help


    Under high number of connections if prngd is holding up the connection
    becoming authenticated you may be hitting your "MaxStartups" value.

    $ man sshd_config
    [..]
    MaxStartups
        Specifies the maximum number of concurrent unauthenticated
        connections to the SSH daemon. Additional connections will be
        dropped until authentication succeeds or the LoginGraceTime
        expires for a connection. The default is 10.
    [..]

    As a workaround (not suggesting this is an end-all solution) you could
    bump that number to 20, and see if the problem becomes less frequent.

    If this does improve your life then one has to figure out a better way to
    get entropy. I suspect you are running too low to effectively pass good
    random data to sshd to use.

    If you are on Solaris 9.. You should have a /dev/[u]random and you
    shouldn't need prngd (or am I thinking Solaris 10?).

    - Ben

    On Fri, 11 Jul 2008, David Beecher wrote:

    > Hello,
    >
    > I apologize if this is the wrong list. It was the list I was directed
    > towards. I have reviewed the archives as well as everything I could
    > google before posting. Any help is most appreciated:
    >
    > We're seeing an error during sftp and ssh connections with consistent
    > regularity. It's triggered by a high number of connections coming into
    > sftp/ssh at the same time. It affects additional connections and leaves
    > the failed connect attempts open for days in a TCP_WAIT state. We're
    > seeing the error in the system logs:
    >
    > openssh session hanging - prngd[671]: write() in socket_write() failed:
    > Broken pipe
    >
    > This appears to be an issue that has been an unresolved problem with
    > prngd since 2002. Some have attributed the problem to prngd version
    > 0.9.26 (2004) but we are seeing it with version 0.9.25 (30 May 2002) as
    > have others that we've seen on the web.
    >
    > The problem appears to be (we are quoting here):
    >
    > -- snip --
    > When lots of processes query entropy at the same time, the "fairness"
    > change introduced in 0.9.25 could lead to clients being only served with
    > a delay.
    > Reason: in serverloop.c the next client to serv is "i1" as determined from
    > i1 = (prev_location + i) % max_query_old;
    > The client that actually was served however was "i" instead of "i1".
    > If the connection of "i" was not yet ready for "write" state set after
    > getting the entropy, it might block.
    > This problem has not been reported by any other user, though it might also
    > have occured at other sites.
    > Depending on the internal sorting of sockets by fd/slot (number increasing
    > in the sequence of accepted connections, closed connections are
    > removed from the list), connections might appear locked.
    > The entropy served was not provided in the sequence intended. The
    > entropy bytes returned via internal buffer however were consistent
    > with the connection served (buffer[i]) was filled correctly for
    > connection[i]. The problem therefore has no impact on the quality
    > of seeding.
    > -- snap --
    >
    > It appears that the latest version of prngd for sunos is 0.9.25 up
    > through solaris 9.
    >
    > The sourceforge for prngd (http://sourceforge.net/projects/prngd/) is
    > alive but does not appear to be active. I'm going to contact them, has
    > anybody else found a eliable solution or a newer version of prngd for
    > sunos 5.8 that does not have this issue.
    >
    > We have not received any response from the prngd group on sourceforge.
    >
    > Thank you in advance for any/all help,
    > David
    >
    > _______________________________________________
    > openssh-unix-dev mailing list
    > openssh-unix-dev@mindrot.org
    > https://lists.mindrot.org/mailman/li...enssh-unix-dev
    >

    _______________________________________________
    openssh-unix-dev mailing list
    openssh-unix-dev@mindrot.org
    https://lists.mindrot.org/mailman/li...enssh-unix-dev


  3. Re: openssh / prngd unresolved bug since 2002, need help

    Thank you.

    I already did that and any variation of that. Does not help. We found
    that if we connected more slowly to the sshd server daemon that the
    problem would not happen. After a lot of digging, ruling out firewall,
    network, etc., we finally figured out the source of the bug -- prngd --
    and how it does entropy. Under high demand it fails. This is a known
    specific bug with prngd that has never been resolved and those that have
    run into the problem never effectively troubleshot it. They just
    figured a different way out or gave up. Neither of those is an option
    here.

    This error was specifically introduced in prngd in the .25 version and
    has never been fixed.

    I contacted this list because I had no response from the
    sourceforge/prngd "project".

    Very much appreciate your help.

    Thank you,
    David


    Ben Lindstrom wrote:

    --

    David Beecher, Executive Vice President and Chief Technical Officer
    Digital Messaging Solutions, Inc.
    678.446.3050 voice 866.881.7081 fax
    http://www.dmsgs.com
    We appreciate your business!



  4. Re: openssh / prngd unresolved bug since 2002, need help

    Circa 2008-07-11 15:57 dixit Ben Lindstrom:

    : If you are on Solaris 9.. You should have a /dev/[u]random and you
    : shouldn't need prngd (or am I thinking Solaris 10?).

    Solaris 9 should have /dev/random and /dev/urandom already. Solaris 8
    has patches which provide it.

    --
    jim knoble | jmknoble@pobox.com | http://www.pobox.com/~jmknoble/
    (GnuPG key ID: 6F39C2CC >>>>>> http://www.pobox.com/~jmknoble/keys/ )
    (GnuPG fingerprint: 5024578:7CF4:5660:7269::F6F3:B919:9307:6F39:C2CC)
    +----------------------------------------------------------------------+
    |[L]iberty, as we all know, cannot flourish in a country that is perma-|
    | nently on a war footing, or even a near-war footing. --Aldous Huxley|
    +----------------------------------------------------------------------+


  5. Re: openssh / prngd unresolved bug since 2002, need help

    Hello Jim,

    Thank you very much. I am aware of the random number generator on sunos
    5.9. Finally they included one. Unfortunately this install is sunos 5.8
    and not easily changeable at this point.

    I was not aware that patches for sunos 5.8 existed that would add urandom
    and when I saw the package on sunfreeware that used prngd I assumed none
    existed and prngd was required.

    I will look for them and report back here what I find.

    Thanks a lot!
    David



    Jim Knoble wrote:


    --
    David Beecher, Executive Vice President and Chief Technical Officer
    Digital Messaging Solutions, Inc.
    678-446-3050 voice
    http://www.dmsgs.com



  6. RE: openssh / prngd unresolved bug since 2002, need help

    The Solaris 8 patch is 112438 - I don't know what rev it is up to at
    this point. The patch says it requires a reboot, but I came across the
    following instructions years ago to do it without a reboot (sorry, no
    attribution available - some person brighter than me):

    In order to add patch 112438 to the systems without requiring a reboot,
    perform the following steps:

    # patchadd 112438-*
    (The patch addition information should appear)
    # rm /reconfigure
    # rem_drv random
    (Ignore any errors returned)
    # add_drv -m '* 0644 root sys' random

    Good luck, and sorry everyone else for the somewhat off topic post.

    Bill Knox
    Lead Infosec Engineer/Scientist
    The MITRE Corporation
