From owner-freebsd-current@FreeBSD.ORG  Tue Apr 13 12:37:56 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 3223B16A4CE; Tue, 13 Apr 2004 12:37:56 -0700 (PDT)
Received: from kate.fud.org.nz (203-79-110-29.cable.paradise.net.nz
	[203.79.110.29])	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 1DC5943D5C; Tue, 13 Apr 2004 12:37:55 -0700 (PDT)
	(envelope-from andy@fud.org.nz)
Received: by kate.fud.org.nz (Postfix, from userid 1001)
	id D967917044; Wed, 14 Apr 2004 07:37:53 +1200 (NZST)
Date: Wed, 14 Apr 2004 07:37:53 +1200
From: Andrew Thompson <andy@fud.org.nz>
To: Mark Murray <markm@FreeBSD.ORG>
Message-ID: <20040413193753.GA50674@kate.fud.org.nz>
References: <20040412103333.GA47211@kate.fud.org.nz>
	<200404131550.i3DFocIn099231@grimreaper.grondar.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200404131550.i3DFocIn099231@grimreaper.grondar.org>
User-Agent: Mutt/1.5.6i
cc: freebsd-current@FreeBSD.ORG
Subject: Re: dev/random
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Apr 2004 19:37:56 -0000

On Tue, Apr 13, 2004 at 04:50:38PM +0100, Mark Murray wrote:
> Andrew Thompson writes:
> > With the latest dev/random commits I have been unable to installworld
> > in single-user mode. mktemp blocks when trying to read the random
> > device, I have confirmed this by doing 'hexdump /dev/random' which
> > produces no output.
> >
> > after running '/etc/rc.d/random start' everything is working fine. Can
> > anyone else confirm this?
> 
> This is a feature.
> 
> For now, kickstart the device with
> 
> # ${SOME_COMMAND} > /dev/random
> 
> SOME_COMMAND should have output entropy proportional to the seriousness
> of your threat model. For messing around at home, 'ls -alR /etc /var' is
> probably OK.
> 
> Something like 'echo foo' will work, but will start your RNG in a known
> insecure state.
> 

Ok. The build instructions may need to be updated, or I can see a lot of users
crying that their installworld has frozen.


# make buildworld
# make buildkernel
# make installkernel
# reboot to single user
# *kick the random device with some entropy*
# mergemaster -p
# make installworld
# mergemaster
# reboot