Date: Wed, 14 Apr 2004 19:05:06 +1000 From: Peter Jeremy <peterjeremy@optushome.com.au> To: freebsd-current@freebsd.org Subject: Re: dev/random Message-ID: <20040414090506.GA25565@server.vk2pj.dyndns.org> In-Reply-To: <20040413232816.GB25818@Odin.AC.HMC.Edu> References: <200404131550.i3DFocIn099231@grimreaper.grondar.org> <428207C0-8D7B-11D8-B697-003065ABFD92@mac.com> <20040413191058.GF20550@Odin.AC.HMC.Edu> <D30E2B24-8D8D-11D8-B697-003065ABFD92@mac.com> <20040413232816.GB25818@Odin.AC.HMC.Edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Apr 13, 2004 at 04:28:16PM -0700, Brooks Davis wrote: >To be clear, the problem is not that you can't open /dev/random for >read, it's that read() blocks until sufficent entropy arrives. It's >worth noting that the quality of entropy needed in initdiskless is >pretty minimal. rand() would actually be fine here other then the fact >that use of rand should not be encouraged. If you don't need a great deal of entropy, you might be able to get away with stirring in the time of day, CPU cycle counter[1], and maybe time a couple of arbitrary disk seeks. If you had a _really_ cheap stirring function, maybe stir in all of KVM (this should vary slightly from boot to boot). This should be enough entropy to get to the point where you can start loading or acquiring reasonable entropy. I recall being bitten on several occasions when I was trying to use ed(1) in single user mode and having ed decide there wasn't enough entropy to create its temporary file. Of course, the default behaviour of automatically building ssh host keys as part of the boot sequence (when there's virtually no entropy available) is probably undesirable. [1] Maybe a couple of times at arbitrary points during the boot sequence - it's fairly cheap and probe/attach code is somewhat non-deterministic compared to the CPU clock. Peter
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040414090506.GA25565>