Date: Mon, 28 Mar 2005 23:33:18 +0100
From: Mark Murray <markm@FreeBSD.ORG>
To: Brooks Davis <brooks@one-eyed-alien.net>
Cc: Ed Maste <emaste@phaedrus.sandvine.ca>
Subject: Re: Random source seeding and /etc/rc.d/sshd host key generation
Message-ID: <200503282233.j2SMXIsd000806@grovel.grondar.org>
In-Reply-To: Your message of "Mon, 28 Mar 2005 14:08:27 -0800." <20050328220827.GA26134@odin.ac.hmc.edu>

Brooks Davis writes:
> > I'm curious if checking the seeded sysctl against "" is intentional;
> > it seems $seeded will always be non-null. Since user_reseed only
> > gets called if the host keys don't exist it probably won't be much
> > of an issue in practice, but it seems random junk will be requested
> > on the first boot even if the entropy source is already seeded.
>
> I believe the goal of the script is to not trust the system entropy this
> time (since it's almost certainly junk.) I think the check is just to
> avoid this code if the sysctl doesn't exist.

Close. Not all RNG's use the Yarrow-based generator. This is a test for
the presence of the Yarrow PRNG.

M
--
Mark Murray
iumop ap!sdn w,I idlaH
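
The difference between the presence test discussed in this message and a test on the sysctl's value, as an added sketch that is not part of the original e-mail and is not the rc.d/sshd script. The OID name kern.random.sys.seeded, the SYSCTL_CMD override and all function names are assumptions made for the illustration.

```shell
#!/bin/sh
# Added illustration; not the FreeBSD rc.d/sshd code.
# Assumption: the "seeded sysctl" in the thread is kern.random.sys.seeded.
SEEDED_OID="kern.random.sys.seeded"
# Hypothetical override so the logic can be exercised without FreeBSD.
SYSCTL_CMD="${SYSCTL_CMD:-sysctl}"

# Prints one of: absent | unseeded | seeded
yarrow_state()
{
	# -n prints only the value; an unknown OID fails and prints nothing
	# on stdout, which is what makes the "" comparison a presence test.
	seeded=$("$SYSCTL_CMD" -n "$SEEDED_OID" 2>/dev/null) || seeded=""
	case "$seeded" in
	"") echo absent ;;
	0)  echo unseeded ;;
	*)  echo seeded ;;
	esac
}

# Presence test: true whenever the Yarrow OID exists, whatever its value.
# An already seeded generator therefore still takes this path.
reseed_if_yarrow_present()
{
	[ "$(yarrow_state)" != "absent" ]
}

# Value test: true only when the OID exists and reports "not seeded".
reseed_if_unseeded()
{
	[ "$(yarrow_state)" = "unseeded" ]
}

echo "yarrow state on this host: $(yarrow_state)"
```
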