From owner-cvs-all Thu Jan 11 14:37: 6 2001
Delivered-To: cvs-all@freebsd.org
Received: from harmony.village.org (rover.village.org [204.144.255.66]) by hub.freebsd.org (Postfix) with ESMTP id A0CD937B69B; Thu, 11 Jan 2001 14:36:40 -0800 (PST)
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.11.1/8.11.1) with ESMTP id f0BMaNs75406; Thu, 11 Jan 2001 15:36:23 -0700 (MST) (envelope-from imp@harmony.village.org)
Message-Id: <200101112236.f0BMaNs75406@harmony.village.org>
To: "Andrew Reilly"
Subject: Re: cvs commit: src/etc crontab rc src/etc/defaults rc.conf src/etc/mtree BSD.root.dist src/libexec Makefile src/libexec/save-entropy Makefile save-entropy.sh
Cc: Mark Murray, Matt Dillon, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
In-reply-to: Your message of "Fri, 12 Jan 2001 09:22:50 +1100." <20010112092249.A42857@gurney.reilly.home>
References: <20010112092249.A42857@gurney.reilly.home> <200101111901.f0BJ1jU72510@earth.backplane.com> <200101112033.f0BKXtI10390@gratis.grondar.za>
Date: Thu, 11 Jan 2001 15:36:23 -0700
From: Warner Losh
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message <20010112092249.A42857@gurney.reilly.home> "Andrew Reilly" writes:
: Why? Can't you reseed the random device multiple times, as more
: entropy becomes available? Sure, random() calls before then
: might be more "crackable", but it doesn't sound as though that's
: a serious problem.

Exactly my point as well. You seed it with crap once. The random
calls in mount will be less than completely random, but they will be
random enough. You won't have an attacker who is able to race
anything at that state in the boot process. You won't have any
lingering information that could be useful down the road (as far as I
can tell anyway). Just seed the device with something so that you can
mount your real source of entropy.

Warner
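
The seed-early, reseed-later sequence discussed in this message, modelled as an added example that is not code from the thread or from FreeBSD. It goes slightly beyond the message by checking which outputs remain reproducible from the weak boot seed alone; ToyPool, predictable, demo and the sample clock values are hypothetical, constructed for illustration, and the hash-based pool is a stand-in rather than the real random device.

```python
import hashlib
import os


class ToyPool:
    """Toy hash-based pool (illustration only; not FreeBSD's random device)."""

    def __init__(self):
        self.state = bytes(32)
        self.counter = 0

    def reseed(self, data: bytes) -> None:
        # New input is folded into the old state, so reseeding can be repeated
        # and never throws away what was mixed in before.
        self.state = hashlib.sha256(self.state + data).digest()

    def read(self, n: int = 16) -> bytes:
        self.counter += 1
        block = self.state + self.counter.to_bytes(8, "big")
        return hashlib.sha256(b"out" + block).digest()[:n]


def predictable(observed: bytes, seed_guesses, reads: int) -> bool:
    """True if some guessed boot seed alone reproduces the observed output."""
    for guess in seed_guesses:
        pool = ToyPool()
        pool.reseed(guess)
        for _ in range(reads):
            out = pool.read()
        if out == observed:
            return True
    return False


def demo():
    # Constructed sample: low-quality boot seed drawn from a small clock window.
    guesses = [t.to_bytes(4, "big") for t in range(979252500, 979252700)]
    pool = ToyPool()
    pool.reseed(guesses[123])        # early, weak seed
    early = pool.read()              # output used before the real source is mounted
    pool.reseed(os.urandom(32))      # stand-in for the saved entropy read after mount
    late = pool.read()
    return predictable(early, guesses, 1), predictable(late, guesses, 2)


if __name__ == "__main__":
    print(demo())
```

Only the output taken before the second reseed depends on the weak seed alone; once the saved entropy is mixed in, knowing the boot seed no longer determines what the pool returns.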