> I found that I always got the same fortune quote after reboot, over and over
> again. It means that /dev/random produce exact the same values after reboot.
> It means that machine timer or keyboard not used for enthropy gathering.
> Using keyboard alone not helps for automatic tasks because it can be even not
> present, so machine timer must be used at least after reboot stage i.e. in
> randomdev init procedure. Otherwise first random values are very predictable
> and subject for attack.
Gotcha - fix coming; I need to stash some randomness at shutdown time, and
use that to reseed the RNG at reboot time.
M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
