Date: Sun, 6 Dec 2020 15:36:25 -0800
From: Dave Hayes <dave@jetcafe.org>
To: freebsd-hackers@freebsd.org
Subject: arc4random initialization
Message-ID: <20201206153625.13e349a8@bigus.dream-tech.com>

When I'm running FreeBSD on what amounts to a live DVD (no writable
filesystems), I get this message:

    arc4random: no preloaded entropy cache

I went looking in the source for this message and near enough to the
message source found this troubling comment in
sys/libkern/arc4random.c:

    /*
     * This is making the best of what may be an insecure
     * Situation. If the loader(8) did not have an entropy
     * stash from the previous shutdown to load, then we will
     * be improperly seeded. The answer is to make sure there
     * is an entropy stash at shutdown time.
     */

So security-wise, just how bad is it to be improperly seeded?

If I cannot get a valid entropy stash at boot time, can I delay the
need for it until I can get a writable filesystem up and running?

Thanks in advance for any cogent replies.

-- 
Dave Hayes - Consultant - LA CA, USA - dave@dream-tech.com
>>>> *The opinions expressed above are entirely my own* <<<<

The person who first said "There is no smoke without fire" may have
been describing the state of the technology at the time it was said,
not enunciating a truth.