dev/random
Peter Jeremy
PeterJeremy at optushome.com.au
Fri Apr 16 02:30:57 PDT 2004
On Thu, Apr 15, 2004 at 03:48:09PM +0100, Mark Murray wrote:
>Peter Jeremy writes:
>> If you don't need a great deal of entropy, you might be able to get
>> away with stirring in the time of day, CPU cycle counter[1], and maybe
>> time a couple of arbitrary disk seeks. If you had a _really_ cheap
>> stirring function, maybe stir in all of KVM (this should vary slightly
>> from boot to boot). This should be enough entropy to get to the
>> point where you can start loading or acquiring reasonable entropy.
>
>Check /etc/rc.d/*random* - we've been doing this for years. :-)
I meant that the kernel should seed /dev/random before it even starts
init(8). I understood that one of the problems with /etc/rc.d/random
was that you may need to have some entropy available to mount root
so you can get to /etc/rc.d/random. (And /etc/rc.d/random doesn't
help when you boot into single user mode and can't run ed or vi
because there's no entropy).
>> Of course, the default behaviour of automatically building ssh host
>> keys as part of the boot sequence (when there's virtually no entropy
>> available) is probably undesirable.
>
>We understand the problem all too well.
>
>There are two conflicting parts; 1) Starting the device early enough
>and 2) making it secure (enough).
One option (which may have already been implemented, I haven't done a
5-CURRENT install for a long time) would be to generate the host keys
as part of sysinstall before rebooting. There's potentially a fair
amount of entropy available by the end of the system installation.
(In any case, it's unlikely to be less than what is available early
during the boot process).
--
Peter Jeremy
More information about the freebsd-current
mailing list