Date: Tue, 25 Nov 2008 00:58:16 +0300 From: Stanislav Sedov <stas@FreeBSD.org> To: Aragon Gouveia <aragon@phat.za.net> Cc: freebsd-security@freebsd.org Subject: Re: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-08:11.arc4random Message-ID: <20081125005816.8f1993b8.stas@FreeBSD.org> In-Reply-To: <20081124180859.GA28462@phat.za.net> References: <200811241747.mAOHlDSE034716@freefall.freebsd.org> <20081124180859.GA28462@phat.za.net>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 24 Nov 2008 20:08:59 +0200 Aragon Gouveia <aragon@phat.za.net> mentioned: > | By FreeBSD Security Advisories <security-advisories@freebsd.org> > | [ 2008-11-24 19:48 +0200 ] > > III. Impact > > > > All security-related kernel subsystems that rely on a quality random > > number generator are subject to a wide range of possible attacks for the > > 300 seconds after boot or until 64k of random data is consumed. The list > > includes: > > I suppose this would affect the quality of SSH host keys generated at boot > time by RC? > Nope, userland is unaffected. - -- Stanislav Sedov ST4096-RIPE -----BEGIN PGP SIGNATURE----- iEUEARECAAYFAkkrI3gACgkQK/VZk+smlYFwWQCXSwYxHbUizxmriBT3pO1Ei8W7 GACff74X/J3b4c01zRkXmsYxE981hwk= =v+Xl -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081125005816.8f1993b8.stas>