Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 6 Jan 2016 06:00:23 +1100
From:      Peter Jeremy <peter@rulingia.com>
To:        Mark Saad <nonesuch@longcount.org>
Cc:        FreeBSD-Stable ML <freebsd-stable@freebsd.org>
Subject:   Re: dev/random warning on 10-STABLE after r292122 up till r292855
Message-ID:  <20160105190023.GF81231@server.rulingia.com>
In-Reply-To: <CAMXt9NYVsryEH7JAY3wt6z67oONf=uvXWTdhUzsUSZbG0nZv3g@mail.gmail.com>
References:  <CAMXt9NYVsryEH7JAY3wt6z67oONf=uvXWTdhUzsUSZbG0nZv3g@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

--+pHx0qQiF2pBVqBT
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On 2016-Jan-04 16:44:49 -0500, Mark Saad <nonesuch@longcount.org> wrote:
>On boot dmesg logs the following warning not seen on 10.2-RELEASE amd64.
>
>random device not loaded; using insecure entropy

When I first noticed this, I investigated and worked out that it's
related to how the random device initialises itself and its data and
entropy sources.  In particular, it reflects the state of the random
device at that point in time, not at any later point when random data
is actually requested.

I agree that the wording of this message could unnecessarily alarm a
sysadmin and think it could be done better.  IMHO, this sort of
alamist message should only be output if there is no decent entropy
source available when the random device is unblocked.

--=20
Peter Jeremy

--+pHx0qQiF2pBVqBT
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQJ8BAEBCgBmBQJWjBLHXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRFRUIyOTg2QzMwNjcxRTc0RTY1QzIyN0Ux
NkE1OTdBMEU0QTIwQjM0AAoJEBall6Dkogs0888P/Rmak38EvMuhWh1IesiX/T+p
R/UtsxC3+Wm5meHNjaKtXYSPuhXjHBV6E3J40HDq7Be9IkNoIlAfD4DiVzxVKccT
Oy8l/LHFmGmSVEEb5sxEXD5kmBs3BkZUo/wKL/Mry2UH8OO3V9CYt4tcb2gNE5zw
WIQu8zMAefY9HiJBgHv8l9SWJDIH5uDFSUFqRdYXvBywQNbAD6z7Vsf90vvxZm6u
2mVpxxUNbdwzB4nTjqSLOT/cMCFkBP7vjKpjY08D6PtiFPD0QHjNxxnEJ3jXvbug
DaMHvEYArWREwm118EIeJq8xb0cm9FFQVQWcR1SYo25IuCg7AV3TwnR3hftmvPMH
aTBo+Y/wjPtqQV2Yueqfyc5fEsbR8F0b4HcHGCVKQJTFtlI/gx1sJYAbeGOJnMPO
IcclJjGTWit1rAb5gH+5pEN8qLuimHiuoja1yipffrVekvAWogPUUyBu5jtENapJ
FesscgxexIEyLEjUMdOhJ7OBolCcMjT925R2lgmXrfgCVXOR+lHWMD00Ysug11hh
OlsAJzpfhoSh7f3JPWqgJGzacI9QV6FT+T2Vph9J+8qI+GF1oZsjFt0APIFjGTdY
l01Q2LwG5AO4zbZjSSgh3Vmgx5lI1g7aLzXhSiURBU+siyydtVu38YfOKzgQ+ib3
k8lNCHpoITcziq2djy7c
=Xdr6
-----END PGP SIGNATURE-----

--+pHx0qQiF2pBVqBT--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160105190023.GF81231>