From: "John W. De Boskey"
To: Warner Losh
Cc: arch@FreeBSD.org
Date: Mon, 23 Oct 2000 20:43:36 -0400
Subject: Re: cvs commit: src/etc rc

If you want the entropy to be saved into swap, it seems like
we should add this type of functionality to rndcontrol.

   rndcontrol -w /dev/da0s1b    # write entropy to end of partition
   rndcontrol -r /dev/da0s1b    # attempt to read entropy from partition

I also think we need to clean up the line(s) between the
requirements for crypto strength randomness and normal randomness.

   * mkstemps() & friends don't really need crypto strength
     (or am I missing something?)
   * mfs requires randomness for the FSIRAND code. If crypto
     strength is not available, will regular randomness do?

Comments welcome.

-John

----- Warner Losh's Original Message -----
> [[ moved to arch ]]
>
> In message <20001023195335.A45719@bsdwins.com> "John W. De Boskey" writes:
> : However, the idea(s) in general are good. To take his ideas
> : in a slightly different direction, what about reading data from
> : the kernel from random locations?
>
> Bootstrapping problems. You can't pick good random numbers until you
> have a good random state. Since many many people run GENERIC, you
> can't expect things to be too random. Before I did the mergemaster
> upgrade, I would always get "A cons is an object with feelings"
> fortune every single first login after reboot....
>
> The diskless workstations are an interesting problem because the
> current scheme of writing to / exposes the random state to the entire
> network....
>
> Warner
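
The "write entropy to end of partition" / "attempt to read entropy from partition" pair proposed above, sketched as an added example that is not part of the original message and is not rndcontrol code. The record layout, the RNDSEED1 tag and the function names seed_write/seed_read are hypothetical; the tag and checksum are what let the read side tell a saved seed from swap data that has overwritten it.

```c
#include <fcntl.h>
#include <stdint.h>
#include <string.h>
#include <unistd.h>

#define SEED_LEN 500
#define MAGIC "RNDSEED1"   /* constructed 8-byte tag, not a FreeBSD on-disk format */
struct seed_rec { char magic[8]; uint32_t sum; uint8_t seed[SEED_LEN]; }; /* 512 bytes */

/* Adler-32 style sum: catches a stale or swapped-over record, not deliberate tampering. */
static uint32_t checksum(const uint8_t *p, size_t n) {
    uint32_t a = 1, b = 0;
    for (size_t i = 0; i < n; i++) { a = (a + p[i]) % 65521; b = (b + a) % 65521; }
    return (b << 16) | a;
}

/* Seek to the trailing record; assumes lseek(SEEK_END) reports the target's size. */
static int seek_tail(int fd) {
    off_t end = lseek(fd, 0, SEEK_END);
    if (end < (off_t)sizeof(struct seed_rec)) return -1;
    return lseek(fd, end - (off_t)sizeof(struct seed_rec), SEEK_SET) < 0 ? -1 : 0;
}

/* "-w": store the seed with its tag and checksum in the last 512 bytes. */
int seed_write(const char *path, const uint8_t seed[SEED_LEN]) {
    struct seed_rec r;
    int fd = open(path, O_WRONLY), ok = -1;
    if (fd < 0) return -1;
    memcpy(r.magic, MAGIC, 8);
    memcpy(r.seed, seed, SEED_LEN);
    r.sum = checksum(r.seed, SEED_LEN);
    if (seek_tail(fd) == 0 && write(fd, &r, sizeof r) == (ssize_t)sizeof r) ok = fsync(fd);
    close(fd);
    return ok;
}

/* "-r": succeed only on an intact record, then zero it so the seed is used once. */
int seed_read(const char *path, uint8_t seed[SEED_LEN]) {
    struct seed_rec r;
    int fd = open(path, O_RDWR), ok = -1;
    if (fd < 0) return -1;
    if (seek_tail(fd) == 0 && read(fd, &r, sizeof r) == (ssize_t)sizeof r &&
        memcmp(r.magic, MAGIC, 8) == 0 && r.sum == checksum(r.seed, SEED_LEN)) {
        memcpy(seed, r.seed, SEED_LEN);
        memset(&r, 0, sizeof r);
        if (seek_tail(fd) == 0 && write(fd, &r, sizeof r) == (ssize_t)sizeof r) ok = 0;
    }
    close(fd);
    return ok;
}
```

On a raw device the size may have to come from a media-size query rather than lseek, and a caller that gets -1 from seed_read should treat the boot as having no saved seed.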