dev/random
Mark Murray
mark at grondar.org
Thu Apr 15 07:50:07 PDT 2004
Peter Jeremy writes:
> On Tue, Apr 13, 2004 at 04:28:16PM -0700, Brooks Davis wrote:
> >To be clear, the problem is not that you can't open /dev/random for
> >read, it's that read() blocks until sufficent entropy arrives. It's
> >worth noting that the quality of entropy needed in initdiskless is
> >pretty minimal. rand() would actually be fine here other then the fact
> >that use of rand should not be encouraged.
>
> If you don't need a great deal of entropy, you might be able to get
> away with stirring in the time of day, CPU cycle counter[1], and maybe
> time a couple of arbitrary disk seeks. If you had a _really_ cheap
> stirring function, maybe stir in all of KVM (this should vary slightly
> from boot to boot). This should be enough entropy to get to the
> point where you can start loading or acquiring reasonable entropy.
Check /etc/rc.d/*random* - we've been doing this for years. :-)
> I recall being bitten on several occasions when I was trying to use
> ed(1) in single user mode and having ed decide there wasn't enough
> entropy to create its temporary file.
>
> Of course, the default behaviour of automatically building ssh host
> keys as part of the boot sequence (when there's virtually no entropy
> available) is probably undesirable.
We understand the problem all too well.
There are two conflicting parts; 1) Starting the device early enough
and 2) making it secure (enough).
Most of the entropy arguments involve, in effect, differing opinions
on what "early enough" and "secure enough" mean.
M
--
Mark Murray
iumop ap!sdn w,I idlaH
More information about the freebsd-current
mailing list