dev/random

Peter Jeremy PeterJeremy at optushome.com.au
Fri Apr 16 02:30:57 PDT 2004


On Thu, Apr 15, 2004 at 03:48:09PM +0100, Mark Murray wrote:
>Peter Jeremy writes:
>> If you don't need a great deal of entropy, you might be able to get
>> away with stirring in the time of day, CPU cycle counter[1], and maybe
>> time a couple of arbitrary disk seeks.  If you had a _really_ cheap
>> stirring function, maybe stir in all of KVM (this should vary slightly
>> from boot to boot).  This should be enough entropy to get to the
>> point where you can start loading or acquiring reasonable entropy.
>
>Check /etc/rc.d/*random* - we've been doing this for years. :-)

I meant that the kernel should seed /dev/random before it even starts
init(8).  I understood that one of the problems with /etc/rc.d/random
was that you may need to have some entropy available to mount root
so you can get to /etc/rc.d/random.  (And /etc/rc.d/random doesn't
help when you boot into single user mode and can't run ed or vi
because there's no entropy).

>> Of course, the default behaviour of automatically building ssh host
>> keys as part of the boot sequence (when there's virtually no entropy
>> available) is probably undesirable.
>
>We understand the problem all too well.
>
>There are two conflicting parts; 1) Starting the device early enough
>and 2) making it secure (enough).

One option (which may have already been implemented, I haven't done a
5-CURRENT install for a long time) would be to generate the host keys
as part of sysinstall before rebooting.  There's potentially a fair
amount of entropy available by the end of the system installation.
(In any case, it's unlikely to be less than what is available early
during the boot process).

-- 
Peter Jeremy


More information about the freebsd-current mailing list