[OpenAFS] AFS, Kerberos 5 and OpenSSH - Need HELP

Jeffrey Hutzelman jhutz@cmu.edu
Fri, 18 Jun 2004 12:58:56 -0400

On Friday, June 18, 2004 15:23:27 +0200 Padiyath Sreekumaran 
<Kumar.Padiyath@psi.ch> wrote:

>     After installation of heimdal
>     when I try to execute /usr/local/bin/kinit command I get the following
> error and a core dump.
>      #/usr/heimdal/bin/kinit gsell
>      gsell@AFSTEST.PSI.CH's Password:
>      kinit: Fatal: could not seed the random number generator
>      resources lost(coredump)

This is not a problem with which versions you're using or how you built the 
packages.  The problem here is that you need a random data source and don't 
have one.  The OpenSSL documentation includes information on what sources 
of random data it can work with.  If your platform has a /dev/random, 
OpenSSL will normally use it automatically; unfortunately, I don't think 
Tru64 has such a beast.  Which means you'll need to fall back on a 
pseudo-random number source like egd (the entropy-gathering daemon). 
Obtain, build, and install egd, and configure it to listen on some 
UNIX-domain socket.  Then add the following line to the [libdefaults] 
section in /etc/krb5.conf:

egd_socket = /path/to/egd/unix/domain/socket

-- Jeffrey T. Hutzelman (N3NHS) <jhutz+@cmu.edu>
   Sr. Research Systems Programmer
   School of Computer Science - Research Computing Facility
   Carnegie Mellon University - Pittsburgh, PA