Date: Mon, 17 Jul 2000 16:27:17 -0700 From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org> To: Sheldon Hearn <sheldonh@uunet.co.za> Cc: Mark Murray <mark@grondar.za>, Maxim Sobolev <sobomax@FreeBSD.ORG>, current@FreeBSD.ORG Subject: Re: randomdev entropy gathering is really weak Message-ID: <4.3.2.7.0.20000717161342.00b0c780@infidel.boolean.net> In-Reply-To: <27901.963864847@axl.ops.uunet.co.za> References: <Your message of "Mon, 17 Jul 2000 19:33:40 %2B0200." <200007171733.TAA00681@grimreaper.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
Note that there should be no need to cron the job. You
only need to save one set of bits to be used as a seed
for the next startup. And one set of bits SHOULD be
as good as any other.
I suggest you (at boot time):
1: open seed file for read
unlink seed file
use seed file + available entropy to seed algorithm
close the seed file
2: open for seed file for write
write X bytes for next time
close file
Note that even if you do cron step 2, I recommend highly you
mix in whatever entropy you can gather at boot time into
the initial seeding. This will ensure any reuse of the
seed file (such as if you crash between steps 1 and 2) will
result in different bit sequences.
Regards, Kurt
At 10:14 PM 7/17/00 +0200, Sheldon Hearn wrote:
>On Mon, 17 Jul 2000 19:33:40 +0200, Mark Murray wrote:
>
>> That is an idea I can use! :-)
>
>See the recently fixed and documented crontab(5) @reboot, in fact. :-)
>
>Ciao,
>Sheldon.
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-current" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.0.20000717161342.00b0c780>