From owner-freebsd-current@FreeBSD.ORG  Mon Mar 28 22:00:24 2005
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2189216A4CE
	for <freebsd-current@freebsd.org>;
	Mon, 28 Mar 2005 22:00:24 +0000 (GMT)
Received: from mailserver.sandvine.com (sandvine.com [199.243.201.138])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 8D93143D53
	for <freebsd-current@freebsd.org>;
	Mon, 28 Mar 2005 22:00:23 +0000 (GMT)
	(envelope-from emaste@phaedrus.sandvine.ca)
Received: from labgw2.phaedrus.sandvine.com ([192.168.3.11]) by
	mailserver.sandvine.com with Microsoft SMTPSVC(5.0.2195.6713);
	Mon, 28 Mar 2005 17:00:22 -0500
Received: by labgw2.phaedrus.sandvine.com (Postfix, from userid 12627)
	id 957EA13656; Mon, 28 Mar 2005 17:00:22 -0500 (EST)
Date: Mon, 28 Mar 2005 17:00:22 -0500
From: Ed Maste <emaste@phaedrus.sandvine.ca>
To: freebsd-current@freebsd.org
Message-ID: <20050328220022.GB17716@sandvine.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.4.2.1i
X-OriginalArrivalTime: 28 Mar 2005 22:00:22.0831 (UTC)
	FILETIME=[8A25ABF0:01C533E1]
Subject: Random source seeding and /etc/rc.d/sshd host key generation
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Mar 2005 22:00:24 -0000

In /etc/rc.d/sshd, user_reseed() does

seeded=`sysctl -n kern.random.sys.seeded 2>/dev/null`
    if [ "${seeded}" != "" ] ; then
        warn "Setting entropy source to blocking mode."
        echo "===================================================="
        echo "Type a full screenful of random junk to unblock"
        ...

I'm curious if checking the seeded sysctl against "" is intentional;
it seems $seeded will always be non-null.  Since user_reseed only
gets called if the host keys don't exist it probably won't be much
of an issue in practice, but it seems random junk will be requested
on the first boot even if the entropy source is already seeded.

-ed