Date: Wed, 14 Apr 2004 07:37:53 +1200 From: Andrew Thompson <andy@fud.org.nz> To: Mark Murray <markm@FreeBSD.ORG> Cc: freebsd-current@FreeBSD.ORG Subject: Re: dev/random Message-ID: <20040413193753.GA50674@kate.fud.org.nz> In-Reply-To: <200404131550.i3DFocIn099231@grimreaper.grondar.org> References: <20040412103333.GA47211@kate.fud.org.nz> <200404131550.i3DFocIn099231@grimreaper.grondar.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Apr 13, 2004 at 04:50:38PM +0100, Mark Murray wrote:
> Andrew Thompson writes:
> > With the latest dev/random commits I have been unable to installworld
> > in single-user mode. mktemp blocks when trying to read the random
> > device, I have confirmed this by doing 'hexdump /dev/random' which
> > produces no output.
> >
> > after running '/etc/rc.d/random start' everything is working fine. Can
> > anyone else confirm this?
>
> This is a feature.
>
> For now, kickstart the device with
>
> # ${SOME_COMMAND} > /dev/random
>
> SOME_COMMAND should have output entropy proportional to the seriousness
> of your threat model. For messing around at home, 'ls -alR /etc /var' is
> probably OK.
>
> Something like 'echo foo' will work, but will start your RNG in a known
> insecure state.
>
Ok. The build instructions may need to be updated, or I can see a lot of users
crying that their installworld has frozen.
# make buildworld
# make buildkernel
# make installkernel
# reboot to single user
# *kick the random device with some entropy*
# mergemaster -p
# make installworld
# mergemaster
# reboot
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040413193753.GA50674>