Date: Fri, 28 Mar 1997 03:13:38 +0300 (MSK) From: =?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= <ache@nagual.ru> To: Mark Murray <mark@grondar.za> Cc: Joerg Wunsch <joerg_wunsch@uriah.heep.sax.de>, markm@FreeBSD.ORG, security@FreeBSD.ORG Subject: Re: ATTENTION: Initial state of random pool Message-ID: <Pine.BSF.3.96.970328030657.521D-100000@nagual.ru> In-Reply-To: <199703271941.VAA07001@grackle.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 27 Mar 1997, Mark Murray wrote: > I am very keen to vastly improve /dev/random. > > I have lots of ideas, but my time supply and clue supply are not so good. > > At the moment, the pool of randomness is stirred far too often by MD5. I > have some more recent code by Ted Ts'o which uses SHA, and is improved in > other ways. Hmm, I not talk about improvements right now, only about bugfixes... To summarize what I want: 1) We need to check, if at least _one_ true random word added after boot just to be shure that daemons can use /dev/urandom. 2) If it happens, go to 4) 3) We need to add this random word, f.e. from timer. 4a) We need remove rndcontrol from rc.i386 (leaving it as user-land utility) and add all interrupts to kernel config file, i.e. something like: option RAND_INTS "5 7 10 11" or something more suitable. or 4b) We need to start rndcontrol as early as possible in /etc/rc (I think 4a is better) -- Andrey A. Chernov <ache@null.net> http://www.nagual.ru/~ache/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.970328030657.521D-100000>