- (dtucker) [TODO WARNING.RNG] Update to reflect current reality. ok djm@

ChangeLog

@@ -1,3 +1,6 @@
+20041206
+ - (dtucker) [TODO WARNING.RNG] Update to reflect current reality.  ok djm@
+
 20041203
  - (dtucker) OpenBSD CVS Sync
    - jmc@cvs.openbsd.org 2004/11/07 17:42:36
@@ -1870,4 +1873,4 @@
    - (djm) Trim deprecated options from INSTALL. Mention UsePAM
    - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
 
-$Id: ChangeLog,v 1.3584 2004/12/03 03:33:47 dtucker Exp $
+$Id: ChangeLog,v 1.3585 2004/12/06 11:40:10 dtucker Exp $

TODO

@@ -30,13 +30,8 @@ Programming:
 
 - More platforms for for setproctitle() emulation (testing needed)
 
-- Improve PAM support (a pam_lastlog module will cause sshd to exit)
-  and maybe support alternate forms of authentications like OPIE via
-  pam?
-
 - Improve PAM ChallengeResponseAuthentication
  - Informational messages
- - chauthtok
  - Use different PAM service name for kbdint vs regular auth (suggest from
    Solar Designer)
  - Ability to select which ChallengeResponseAuthentications may be used
@@ -59,8 +54,6 @@ Clean up configure/makefiles:
   information in wtmpx or utmpx or any of that stuff if it's not detected
   from the start
 
-- Fails to compile when cross compile. (vinschen@redhat.com)
-
 - Replace the whole u_intXX_t evilness in acconfig.h with something better???
  - Do it in configure.ac
 
@@ -72,10 +65,6 @@ Clean up configure/makefiles:
   entropy related stuff into another.
 
 Packaging:
-- Solaris: Update packaging scripts and build new sysv startup scripts
-  Ideally the package metadata should be generated by autoconf.
-  (gilbert.r.loomis@saic.com)
-
 - HP-UX: Provide DEPOT package scripts.
   (gilbert.r.loomis@saic.com)
 
@@ -94,4 +83,4 @@ PrivSep Issues:
 - Cygwin
   + Privsep for Pre-auth only (no fd passing)
 
-$Id: TODO,v 1.57 2004/02/11 09:44:13 dtucker Exp $
+$Id: TODO,v 1.58 2004/12/06 11:40:11 dtucker Exp $

WARNING.RNG

@@ -55,11 +55,10 @@ Executing each program in the list can take a large amount of time,
 especially on slower machines. Additionally some program can take a
 disproportionate time to execute.
 
-Tuning the default entropy collection code is difficult at this point.
+Tuning the random helper can be done by running ./ssh-random-helper in
-It requires doing 'times ./ssh-rand-helper'  and modifying the
+very verbose mode ("-vvv") and identifying the commands that are taking
-($etcdir)/ssh_prng_cmds until you have found the issue.  In the next
+accessive amounts of time or hanging altogher.  Any problem commands can
-release we will be looking at support '-v' for verbose output to allow
+be modified or removed from ssh_prng_cmds.
-easier debugging.
 
 The default entropy collector will timeout programs which take too long
 to execute, the actual timeout used can be adjusted with the
@@ -93,4 +92,4 @@ If you are forced to use ssh-rand-helper consider still downloading
 prngd/egd and configure OpenSSH using --with-prngd-port=xx or
 --with-prngd-socket=xx (refer to INSTALL for more information).
 
-$Id: WARNING.RNG,v 1.6 2003/11/21 12:48:55 djm Exp $
+$Id: WARNING.RNG,v 1.7 2004/12/06 11:40:11 dtucker Exp $