Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 28 Mar 1997 03:13:38 +0300 (MSK)
From:      =?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= <ache@nagual.ru>
To:        Mark Murray <mark@grondar.za>
Cc:        Joerg Wunsch <joerg_wunsch@uriah.heep.sax.de>, markm@FreeBSD.ORG, security@FreeBSD.ORG
Subject:   Re: ATTENTION: Initial state of random pool 
Message-ID:  <Pine.BSF.3.96.970328030657.521D-100000@nagual.ru>
In-Reply-To: <199703271941.VAA07001@grackle.grondar.za>

next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 27 Mar 1997, Mark Murray wrote:

> I am very keen to vastly improve /dev/random.
> 
> I have lots of ideas, but my time supply and clue supply are not so good.
> 
> At the moment, the pool of randomness is stirred far too often by MD5. I
> have some more recent code by Ted Ts'o which uses SHA, and is improved in
> other ways.

Hmm, I not talk about improvements right now, only about bugfixes...

To summarize what I want:

1) We need to check, if at least _one_ true random word added after
boot just to be shure that daemons can use /dev/urandom.

2) If it happens, go to 4)

3) We need to add this random word, f.e. from timer.

4a) We need remove rndcontrol from rc.i386 (leaving it as user-land
utility) and add all interrupts to kernel config file, i.e.
something like:
option	RAND_INTS	"5 7 10 11"
or something more suitable.

or

4b) We need to start rndcontrol as early as possible in /etc/rc
(I think 4a is better)

-- 
Andrey A. Chernov
<ache@null.net>
http://www.nagual.ru/~ache/




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.970328030657.521D-100000>