dev/random
Charles Swiger
cswiger at mac.com
Tue Apr 13 14:02:17 PDT 2004
On Apr 13, 2004, at 3:10 PM, Brooks Davis wrote:
> On Tue, Apr 13, 2004 at 02:49:14PM -0400, Charles Swiger wrote:
>> Why not set $entropy_dir in rc.conf and kickstart /dev/random using
>> much higher quality entropy available when the machine was shut down
>> last?
>
> You don't get to assume the existence of rc.conf until after
> initdiskless runs.
And Mark Murray referred me to diskless workstations as well. OK.

From what I remember, one used BOOTP and TFTPD to provide a standalone
executable (for an X11 terminal, say) or a kernel, and the latter would
then perform an NFS mount to obtain a root filesystem and an init
program to run, which would then call the RC mechanism to mount more
filesystems and do whatever else is needed to boot the system.

[ By the way, I did not find documentation in rc.8 which mentions
initdiskless as a special case, but perhaps it might be worth referring
to diskless.8 from the former manpage. ]

Anyway, if /etc/rc.d/initdiskless is available, you've got a root
filesystem to read from, so can't one nudge the diskless client's
/dev/random using entropy from a file stored on it?

Or perhaps the /usr/share/examples/diskless/clone_root script could
call mknod to create a clone of the server's /dev/random device under
the diskless root directory, to provide different "real" entropy for
each diskless client?

Both of these suggestions are made under the assumption that one can't
simply make /dev/random readable without being nudged, and one cannot
utilize rcNG dependencies to start /etc/rc.d/random properly (i.e.,
before something wants to use /dev/random) for the reason that Brooks
mentioned above. :-)
--
-Chuck
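
The seed-file idea raised in the message above, sketched as an added example that is not part of the original post and is not FreeBSD's own rc code. The function name `seed_random`, the `MIN_SEED_BYTES` threshold and all paths are hypothetical, and it assumes that bytes written to the random device are stirred into its pool.

```sh
#!/bin/sh
# Added example: feed a saved entropy file to the random device once,
# early in boot, then discard it so the same bytes are never replayed.
# All names and paths here are hypothetical.

MIN_SEED_BYTES=512   # constructed threshold, not a FreeBSD default

seed_random() {
    seed_file=$1     # e.g. a per-client file on the diskless root
    random_dev=$2    # /dev/random in real use; a scratch file in tests

    # 1: missing or not a regular file, so there is nothing to seed from.
    [ -f "$seed_file" ] || { echo "seed: $seed_file missing" >&2; return 1; }

    # 2: a seed readable by group or others is no longer a secret.
    if [ -n "$(find "$seed_file" \( -perm -040 -o -perm -004 \) -print)" ]; then
        echo "seed: $seed_file is group/world readable" >&2
        return 2
    fi

    # 3: too short to be worth feeding in.
    size=$(($(wc -c < "$seed_file")))
    [ "$size" -ge "$MIN_SEED_BYTES" ] || { echo "seed: only $size bytes" >&2; return 3; }

    # Feed the saved bytes to the device.
    cat "$seed_file" > "$random_dev" || return 4

    # Single use: remove the seed so the next boot cannot replay it; a new
    # one has to be saved at shutdown. On a read-only root this fails and
    # is reported instead of being ignored.
    rm -f "$seed_file" || { echo "seed: cannot remove $seed_file" >&2; return 5; }
    return 0
}
```
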