Date: Wed, 10 Jan 2001 12:21:26 +0200 From: Mark Murray <mark@grondar.za> To: Dag-Erling Smorgrav <des@ofug.org> Cc: Dan Moschuk <dan@FreeBSD.ORG>, arch@FreeBSD.ORG, markm@FreeBSD.ORG Subject: Re: Keeping an /entropy file Message-ID: <200101101020.f0AAKsI03830@gratis.grondar.za> In-Reply-To: <xzplmsjg1k0.fsf@flood.ping.uio.no> ; from Dag-Erling Smorgrav <des@ofug.org> "10 Jan 2001 11:10:39 %2B0100." References: <xzplmsjg1k0.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
> Dan Moschuk <dan@FreeBSD.ORG> writes: > > Without too big of a bikeshed, what does everyone think of either > > adding a system crontab or modifying the random device itself to generate > > /entropy at a specified interval? > > Doesn't that consume a largish amount of entropy? If so, I don't think > it's a very good idea. It's mandated by the Yarrow algorithm, and it ensures a safe startup. Yarrow is resistant to entropy starvation, so the concept of "emptying the pool" is far less important than the ability to recover encryption keys of the ciphers used. M -- Mark Murray Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200101101020.f0AAKsI03830>