Mark Murray mark at
Thu Apr 15 07:50:07 PDT 2004

Peter Jeremy writes:
> On Tue, Apr 13, 2004 at 04:28:16PM -0700, Brooks Davis wrote:
> >To be clear, the problem is not that you can't open /dev/random for
> >read, it's that read() blocks until sufficent entropy arrives.  It's
> >worth noting that the quality of entropy needed in initdiskless is
> >pretty minimal.  rand() would actually be fine here other then the fact
> >that use of rand should not be encouraged.
> If you don't need a great deal of entropy, you might be able to get
> away with stirring in the time of day, CPU cycle counter[1], and maybe
> time a couple of arbitrary disk seeks.  If you had a _really_ cheap
> stirring function, maybe stir in all of KVM (this should vary slightly
> from boot to boot).  This should be enough entropy to get to the
> point where you can start loading or acquiring reasonable entropy.

Check /etc/rc.d/*random* - we've been doing this for years. :-)

> I recall being bitten on several occasions when I was trying to use
> ed(1) in single user mode and having ed decide there wasn't enough
> entropy to create its temporary file.
> Of course, the default behaviour of automatically building ssh host
> keys as part of the boot sequence (when there's virtually no entropy
> available) is probably undesirable.

We understand the problem all too well.

There are two conflicting parts; 1) Starting the device early enough
and 2) making it secure (enough).

Most of the entropy arguments involve, in effect, differing opinions
on what "early enough" and "secure enough" mean.

Mark Murray
iumop ap!sdn w,I idlaH

More information about the freebsd-current mailing list