FAQ: PRNG is not SEEDED

"There’s No Such Thing As A Silly Question" -- does the cliche sound familiar? In this part of pimp-my-rig reloaded, technical questions are answered. Mail them to me and I will post the answers here. If you have a better answer, by all means share it with us.

Q: I was trying to help out a friend who was in a dilemma he had already resolved. While trying to scp to a host, he got the error message "PRNG is not SEEDED". Only the super-user root was able to scp, but he wanted drill down to the root of the problem. After all, who wants to execute scp as root, right?

He was able to successfully scp on other machines as himself, but on this particular machine he was only able to do it as the super-user, root. It is worthy to note here that ssh works, but scp does not.

A: When trying to run scp and you get an error message "PRNG is not SEEDED", you probably have an issue with the /dev/random and/or /dev/urandom devices on your system. These devices are created by default during system installation.

Check that proper permissions are present on random numbers generators. The correct permissions should be "others" must have "read" access to these devices. Below are the permissions on a working system:

# ls -l /dev/random /dev/urandom
crw-r--r-- 1 root system 39, 0 Jun 22 10:48 /dev/random
crw-r--r-- 1 root system 39, 1 Jun 22 10:48 /dev/urandom

To corrent, change them like below:
# chmod o+r /dev/random /dev/urandom 

Now stop and start the SSH daemon again, and retry if scp works.
# stopsrc -s sshd
# startsrc -s sshd

For unknown reasons, there are times when the files /dev/random and /dev/urandom are missing from the system. If this is the case, you will need to create them. Execute the following commands:
# stopsrc -s sshd
# mknod /dev/random c 39 0
# mknod /dev/urandom c 39 1
# randomctl -l
# ls -ald /dev/random /dev/urandom
# startsrc -s sshd

So far problems with s-commands I have encountered are related to the random generator character devices. I have encountered similar problems while trying to blank a forgotten root password and setting a new one on a Solaris machine.

You may further drill down on the cause of the problem by using strace or truss, whichever is applicable on your *nix system.

You might also be interested in:

Feedback

We at pimp-my-rig strive to keep on improving, help us reach that goal by leaving comments or constructive criticisms. Don't miss out on our next feature -- subscribe via RSS (What is RSS?).

Share This

0 comments: