As DJB pointed out on another listhost, one only needs 256 random bits once, and can then use a PRF to generate an indefinite number forever. Why does /dev/random not do this and so avoid blocking after startup? It wouldn't be that hard to write to a defined block of a disk image these 32 random bytes. Sincerely, Watson Ladd