Date: Thu, 03 Oct 2002 15:29:01 -0700 From: "Firsto Lasto" <firstolasto@hotmail.com> To: mark@grondar.za Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: PRNG not seeded - error in non-root ssh inside 4.6.2 jails... Message-ID: <F1404zadTMVwVn20lbh00000221@hotmail.com>
next in thread | raw e-mail | index | archive | help
Ok, I am not sure how I can do that though - I cannot successfully run `rndcontrol -s X` inside a jail. On the other hand, I already have: rand_irqs="9 10 11 13 14" In my rc.conf on the underlying host machine, and have done several boots with that in place. So presumably I should be seeded just fine, but if I am not, I cannot change that in the jail because it seems I cannot set that (I assume it is a sysctl issue). Willing to try whatever you can think of next :) > > > I can't seed it by banging on the keyboard - it is a headless server in >a > > rack thousands of miles from me :) > > > > Perhaps there is another way to do it ? > >Yes. > >You need to find sources of entropy in interrupts. Look at a >dmesg, and note which IRQ's your network device(s) and mass >storage controller(s) (both SCSI and ATA). Use any other >irq's that aren't too busy and may be somewhat random. >Staring at a 'systat 2 -vmstat' screen (right hand side) >may give some clues. > >Then use rndcontrol(8) to set up the seeding. There is a knob >in rc.conf to make this setting survive the next reboot. > >M > > > >Date: Thu, 03 Oct 2002 21:54:30 +0100 > > > > > > > Sorry, here is the rest: > > > > > > > > Here is the output of the `dd` command using urandom: > > > > > > > > dd if=/dev/urandom of=/dev/stdout bs=512 count=1 | hexdump -C > > > > 1+0 records in > > > > 1+0 records out > > > > 00000000 a0 69 1a 7c 8f 32 e5 21 ae 7a 33 14 68 0b 8e a6 > > > > |.i.|.2.!.z3.h...| > > > > > >... etc. Looking good. > > > > > > > $ ls -l /dev/*rand* > > > > crw-r--r-- 1 root wheel 2, 3 Sep 3 21:46 /dev/random > > > > crw-r--r-- 1 root wheel 2, 4 Sep 3 21:46 /dev/urandom > > > > > >Also good. > > > > > > > > > So then, as root I ran: `chmod 0666 /dev/stdout` and then I ran >your > > > > >`dd` > > > > > > command and got: > > > > > > > > > > > > $ dd if=/dev/random of=/dev/stdout bs=512 count=1 | hexdump -C > > > > > > 0+0 records in > > > > > > 0+0 records out > > > > > > 0 bytes transferred in 0.000036 secs (0 bytes/sec) > > > > > >Can you try a few of these while furiously abusing your keyboard? > > >I'm trying to see if /dev/random can be persuaded to give _any_ > > >aoutput at all. > > > > > >Maybe do it on a vty instead of in X. > > > > > >M > > >-- > > >o Mark Murray > > >\_ > > >O.\_ Warning: this .sig is umop ap!sdn > > > > > > > > > > _________________________________________________________________ > > Chat with friends online, try MSN Messenger: http://messenger.msn.com > > >-- >o Mark Murray >\_ >O.\_ Warning: this .sig is umop ap!sdn _________________________________________________________________ Send and receive Hotmail on your mobile device: http://mobile.msn.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F1404zadTMVwVn20lbh00000221>