Date: Thu, 8 Aug 2013 13:55:14 -0700
From: "David O'Brien" <obrien@FreeBSD.org>
To: Scott Long <scott4long@yahoo.com>
Cc: Arthur Mesh <arthurmesh@gmail.com>, secteam@freebsd.org, freebsd-arch@freebsd.org
Subject: Re: random(4) plugin infrastructure for mulitple RNG in a modular fashion
Message-ID: <20130808205514.GA95000@dragon.NUXI.org>
In-Reply-To: <1EDB5C8E-5755-4A8A-89F1-A64412080744@yahoo.com>
References: <20130807183516.GC79319@dragon.NUXI.org> <1EDB5C8E-5755-4A8A-89F1-A64412080744@yahoo.com>
On Wed, Aug 07, 2013 at 05:07:15PM -0700, Scott Long wrote:
> We only compile and deploy a whitelist subset of modules, so the PRNG
> modules were not compiled into the kernel nor present in /boot. When the
> machine came up, it paused waiting for keyboard input. In one iteration, it
> released the hold after about 100 characters of quick typing.

Do you have any random(4) related local changes?

I ask because the FreeBSD kernel does not block due to either a missing
/dev/random device, nor yarrow being not seeded. I'd like to understand
how you experienced what seems to be blocking due to being not-seeded in
a FreeBSD 10 (or -STABLE) kernel.

> In the first iteration, even after the system continued, various things
> complained and/or failed with a complaint of there being no
> /dev/random. named was one thing, but I know there were others.

It sounds like this is not a headless machine, correct?

I'll enable named on my test machine and see if I get the whine about
lack of /dev/random.

Note that OpenSSL (and thus OpenSSH) handle the lack of /dev/random
(and do so without warning or other indication).

Are there other non-default daemons you enable?

-- 
-- David (obrien@FreeBSD.org)