Persisting /dev/random state across reboots

Thomas tom at electric-sheep.org
Fri Jul 30 02:38:24 EDT 2010


On Thursday 29 July 2010, 21:47:01, Richard Salz wrote:
> At shutdown, a process copies /dev/random to /var/random-seed which is
> used on reboots.
> Is this a good, bad, or "shrug, whatever" idea?
> I suppose the idea is that "all startup procs look the same" ?

Indeed. The boot process of a machine is very deterministic
and if you do not have any Hardware RNG you need to seed
/dev/random.
At least old Linux kernels (2.4) also overestimate the entropy
in the pool by about 30% which is especially a problem when you
generate ssh host keys during system installation.

Bye
Thomas


-- 
 Thomas Biege <thomas at suse.de>, SUSE LINUX, Security Support & Auditing
 SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
--
  Whoever stops wanting to become better stops being good.
                            -- Marie von Ebner-Eschenbach

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
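
The seed-file carry-over discussed in this thread, as an added example that is not part of the original messages: the boot side mixes the stored seed into the pool and replaces it at once, so an unclean shutdown cannot replay the same seed. The function names, `SEED_BYTES` and the `/dev/urandom` defaults are assumptions; data written to the device is mixed in without raising the kernel's entropy estimate.

```shell
#!/bin/sh
# Added example: carry kernel RNG state across reboots via a seed file.
# Paths are variables so the functions can be exercised on scratch files;
# the defaults are assumptions (the quoted mail names /var/random-seed).
SEED_FILE=${SEED_FILE:-/var/random-seed}
RNG_IN=${RNG_IN:-/dev/urandom}    # data written here is mixed into the pool
RNG_OUT=${RNG_OUT:-/dev/urandom}  # non-blocking source for the next seed
SEED_BYTES=${SEED_BYTES:-512}

# Write a fresh seed: owner-only permissions, size checked, atomic rename.
save_seed() {
    tmp="$SEED_FILE.new.$$"
    ( umask 077
      dd if="$RNG_OUT" of="$tmp" bs="$SEED_BYTES" count=1 2>/dev/null ) || return 1
    # Refuse a short read rather than store a weak seed.
    [ $(wc -c < "$tmp") -eq "$SEED_BYTES" ] || { rm -f "$tmp"; return 1; }
    mv -f "$tmp" "$SEED_FILE"
}

# Boot side: feed the stored seed to the pool, then overwrite the file
# immediately so the same seed is never used for two boots.
restore_seed() {
    if [ -s "$SEED_FILE" ]; then
        cat "$SEED_FILE" > "$RNG_IN" || return 1
    fi
    save_seed
}

# Init-script style entry point: "start" at boot, "stop" at shutdown.
case "${1:-}" in
    start) restore_seed ;;
    stop)  save_seed ;;
esac
```

Run `start` before anything that generates long-term keys, such as the ssh host keys mentioned above.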


