The random number code will also read and save a seed file to
~/.ssh/prng_seed. This contents of this file are added to the random
-number generator at startup. The goal here is to maintain as much
+number generator at startup. The goal here is to maintain as much
randomness between sessions as possible.
The default entropy collection code has two main problems:
1. It is slow.
-Executing each program in the list can take a large amount of time,
-especially on slower machines. Additionally some program can take a
-disproportionate time to execute.
+Executing each program in the list can take a large amount of time,
+especially on slower machines. Additionally some program can take a
+disproportionate time to execute.
-Tuning the default entropy collection code is difficult at this point.
-It requires doing 'times ./ssh-rand-helper' and modifying the
-($etcdir)/ssh_prng_cmds until you have found the issue. In the next
-release we will be looking at support '-v' for verbose output to allow
-easier debugging.
+Tuning the random helper can be done by running ./ssh-random-helper in
+very verbose mode ("-vvv") and identifying the commands that are taking
+excessive amounts of time or hanging altogher. Any problem commands can
+be modified or removed from ssh_prng_cmds.
The default entropy collector will timeout programs which take too long
to execute, the actual timeout used can be adjusted with the
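Review bot: The new tuning paragraph names the binary "./ssh-random-helper", while the text it replaces calls it "./ssh-rand-helper"; one of the two is wrong, and a reader who copies the new command verbatim may not find the program. Please make the name match the installed helper. The same paragraph has a typo, "altogher" for "altogether". It also drops the "($etcdir)/" prefix from ssh_prng_cmds, so the doc no longer says where the file lives. The other changes ("number generator at startup...", and the three "Executing each program..." lines) are removed and re-added with no visible difference, presumably whitespace only. If those lines are being touched anyway, consider fixing "some program can take" to "some programs can take", or split the whitespace cleanup into its own commit so the substantive doc change is easier to review.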