Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 07 Dec 2020 01:45:52 -0800
From:      Hal Murray <hmurray@megapathdsl.net>
To:        Mark Murray <markm@FreeBSD.org>
Cc:        freebsd-hackers@freebsd.org, hmurray@megapathdsl.net
Subject:   Re: arc4random initialization
Message-ID:  <20201207094552.74A3D40605C@ip-64-139-1-69.sjc.megapath.net>
In-Reply-To: Message from Mark Murray <markm@FreeBSD.org> of "Mon, 07 Dec 2020 08:37:42 GMT." <EB47F35A-EAD8-4B97-B676-FD8C5AD57398@FreeBSD.org>

next in thread | previous in thread | raw e-mail | index | archive | help

markm@FreeBSD.org said:
> Once you've installed on some R/W medium and rebooted, the necessary entropy
> will have been stashed for you, and the first SSH keys will be generated
> properly. 

If I do a fresh install, when does the host's SSH key get generated and where 
does the entropy for that step come from?

I assume lots of entropy is generated during the install.  Does that get 
written to the new system's disk so it has some at first boot?

Does the on-disk entropy file get updated occasionally (as compared to only at 
shutdown) so it doesn't get reused if the system crashes?

If so, how often is "occasionally"?  Will that turn into a wear-out problem if 
running on a flash drive? (eg Raspberry Pi)

-- 
These are my opinions.  I hate spam.






Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20201207094552.74A3D40605C>