I asked: > This happened to two of my Solaris 8 boxes over the weekend, and I do not > know why. > > Last week, I installed patch 111238 and removed ANDIrand. I did the > rem_drv random > add_drv random > and the random device /dev/random exists. Ssh (OpenSsh 3.4p1) works fine. > I am able to connect to the box and connect to other hosts from this box > using ssh and scp, and had no problem. This was last week. > > This morning, I checked jobs that ran automatically over the weekend, and one > failed. A job tried to scp to another host and ssh responded back > PRNG is not seeded > I checked and the /dev/random device *does* exist > (~) cmstst 54 % ls -lFa /dev/random > lrwxrwxrwx 1 root other 33 Jul 23 14:42 /dev/random -> ../devices/pseudo/random@0:random > (~) cmstst 55 % ls -lFa /devices/pseudo/random@0:random > crw------- 1 root sys 195, 0 Jul 29 10:51 /devices/pseudo/random@0:random > > I backed out patch 111238 and reinstalled it, and after the install I did > two additional steps as well: > rem_drv random > add_drv random > modload /kernel/drv/random > dd if=/dev/mem bs=512 count=16 2>&- | crypt $RANDOM > /dev/random > > The /dev/random device exists, but I still get the "PRNG is not seeded" > error. Any ideas what else to check? > > TIA The answer: permissions. /devices/pseudo/random@0:random and urandom were only readable by root, for some odd reason. adding read permission to group and to world fixed the problem. by the way, to let several people know who said you must do a reboot: no you do not. (want to start me ranting and raving? ask me what I think of winblows) The "rem_drv random" removes any existing random number kernel module (like ANDIrand or PRNGD or whatever) and "add_drv random" will enable 112438. There will still be a /reconfigure file for the next reboot, but that will not hurt anything. Several people have said that the modload and dd command are also needed, but I have not needed to do those. oh, and yes I mistyped the patch number above. The solaris 8 /dev/random patch is 112438. I am applying too many patches at once, I think... ;^) Thanks to: keith@smith.net David Foster <foster@dim.ucsd.edu> Graham Wood <rauxon@dragonhold.org> Robert Brockway <robert@timetraveller.org> "Beavers, Reginald" <RBeavers@seisint.com> Christian Iseli <chris@ludwig-sun1.unil.ch> "Heilke, Rainer" <Rainer.Heilke@atcoitek.com> Dela Rosa Jaime <Jaime.DelaRosa@siemens.com.au> +-----------------------------------------------------------------------+ | Christopher L. Barnard O When I was a boy I was told that | | cbarnard@tsg.cbot.com / \ anybody could become president. | | (312) 347-4901 O---O Now I'm beginning to believe it. | | http://www.cs.uchicago.edu/~cbarnard --Clarence Darrow | +----------PGP public key available via finger or PGP keyserver---------+ _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Tue Jul 30 11:18:50 2002
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:42:50 EST