From owner-freebsd-current@FreeBSD.ORG Thu Apr 15 07:50:07 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BC8AF16A4CE for ; Thu, 15 Apr 2004 07:50:07 -0700 (PDT) Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.157.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9DC1243D49 for ; Thu, 15 Apr 2004 07:50:06 -0700 (PDT) (envelope-from mark@grondar.org) Received: from storm.FreeBSD.org.uk (Ugrondar@localhost [127.0.0.1]) i3FEo4Ae075236; Thu, 15 Apr 2004 15:50:04 +0100 (BST) (envelope-from mark@grondar.org) Received: (from Ugrondar@localhost)i3FEo49k075235; Thu, 15 Apr 2004 15:50:04 +0100 (BST) (envelope-from mark@grondar.org) X-Authentication-Warning: storm.FreeBSD.org.uk: Ugrondar set sender to mark@grondar.org using -f Received: from grondar.org (localhost [127.0.0.1])i3FEm9In021190; Thu, 15 Apr 2004 15:48:10 +0100 (BST) (envelope-from mark@grondar.org) From: Mark Murray Message-Id: <200404151448.i3FEm9In021190@grimreaper.grondar.org> To: Peter Jeremy In-Reply-To: Your message of "Wed, 14 Apr 2004 19:05:06 +1000." <20040414090506.GA25565@server.vk2pj.dyndns.org> Date: Thu, 15 Apr 2004 15:48:09 +0100 Sender: mark@grondar.org X-Spam-Score: 4 (****) FROM_NO_LOWER,MSGID_FROM_MTA_SHORT X-Scanned-By: MIMEDefang 2.39 X-Mailman-Approved-At: Fri, 16 Apr 2004 04:59:38 -0700 cc: freebsd-current@FreeBSD.ORG Subject: Re: dev/random X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Apr 2004 14:50:07 -0000 Peter Jeremy writes: > On Tue, Apr 13, 2004 at 04:28:16PM -0700, Brooks Davis wrote: > >To be clear, the problem is not that you can't open /dev/random for > >read, it's that read() blocks until sufficent entropy arrives. It's > >worth noting that the quality of entropy needed in initdiskless is > >pretty minimal. rand() would actually be fine here other then the fact > >that use of rand should not be encouraged. > > If you don't need a great deal of entropy, you might be able to get > away with stirring in the time of day, CPU cycle counter[1], and maybe > time a couple of arbitrary disk seeks. If you had a _really_ cheap > stirring function, maybe stir in all of KVM (this should vary slightly > from boot to boot). This should be enough entropy to get to the > point where you can start loading or acquiring reasonable entropy. Check /etc/rc.d/*random* - we've been doing this for years. :-) > I recall being bitten on several occasions when I was trying to use > ed(1) in single user mode and having ed decide there wasn't enough > entropy to create its temporary file. > > Of course, the default behaviour of automatically building ssh host > keys as part of the boot sequence (when there's virtually no entropy > available) is probably undesirable. We understand the problem all too well. There are two conflicting parts; 1) Starting the device early enough and 2) making it secure (enough). Most of the entropy arguments involve, in effect, differing opinions on what "early enough" and "secure enough" mean. M -- Mark Murray iumop ap!sdn w,I idlaH