From owner-freebsd-current  Sun Jul 16 12:41:38 2000
Delivered-To: freebsd-current@freebsd.org
Received: from grimreaper.grondar.za (grimreaper.grondar.za [196.7.18.138])
	by hub.freebsd.org (Postfix) with ESMTP id 6BED837B609
	for <current@FreeBSD.ORG>; Sun, 16 Jul 2000 12:41:31 -0700 (PDT)
	(envelope-from mark@grondar.za)
Received: from grimreaper.grondar.za (localhost [127.0.0.1])
	by grimreaper.grondar.za (8.9.3/8.9.3) with ESMTP id VAA04096;
	Sun, 16 Jul 2000 21:42:29 +0200 (SAST)
	(envelope-from mark@grimreaper.grondar.za)
Message-Id: <200007161942.VAA04096@grimreaper.grondar.za>
To: Bill Fumerola <billf@chimesnet.com>
Cc: current@FreeBSD.ORG
Subject: Re: randomdev entropy gathering is really weak 
References: <20000716152631.G51462@jade.chc-chimes.com> 
In-Reply-To: <20000716152631.G51462@jade.chc-chimes.com> ; from Bill Fumerola <billf@chimesnet.com>  "Sun, 16 Jul 2000 15:26:31 -0400."
Date: Sun, 16 Jul 2000 21:42:29 +0200
From: Mark Murray <mark@grondar.za>
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> On Sun, Jul 16, 2000 at 08:26:44PM +0200, Mark Murray wrote:
> 
> > Gotcha - fix coming; I need to stash some randomness at shutdown time, and
> > use that to reseed the RNG at reboot time.
> 
> ... and for installations where ssh-keygen is run the first time
> the system boots?

The situation is _worse_; the entropy is minimal, and is _very_ attackable.

M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message