Querying entropy state
RW
rwmaillists at googlemail.com
Tue May 15 14:54:49 UTC 2018
On Tue, 15 May 2018 12:17:28 +0100
Chris Rees wrote:
> Hello all,
>
> Since the new random device has been put in, sysutils/monitorix no
> longer has a sysctl to poll to view the current state of entropy
> (i.e. kern.random.sys.seeded).
>
> I have come to the understanding that it is no longer necessary or
> relevant information with the new driver, and entropy is always at an
> acceptable state; the author has suggested disabling this test on
> FreeBSD.
>
> Am I correct that there is no point in checking for entropy any more,
> and the entropy is unmeasurable?
It hasn't been for many years.
kern.random.sys.seeded was set when yarrow first seeded itself after a
boot. As long as there's an entropy file this happened very early, and
ordinary computers would spontaneously seed well before that. The
sysctl was only relevant in some special cases like certain embedded
devices.
More information about the freebsd-security
mailing list