random(4) plugin infrastructure for mulitple RNG in a modular fashion
David O'Brien
obrien at FreeBSD.org
Thu Aug 8 20:55:17 UTC 2013
On Wed, Aug 07, 2013 at 05:07:15PM -0700, Scott Long wrote:
> We only compile and deploy a whitelist subset of modules, so the PRNG
> modules were not compiled into the kernel nor present in /boot. When the
> machine came up, it paused waiting for keyboard input. In one iteration, it
> released the hold after about 100 characters of quick typing.
Do you have any random(4) related local changes? I ask because the
FreeBSD kernel does not block due to either a missing a /dev/random
device, nor yarrow being not seeded.
I'd like to understand how you experienced what seems to be blocking
due to being not-seeded in a FreeBSD 10 (or -STABLE) kernel.
> In the first iteration, even after the system continued, various things
> complained and/or failed with a complaint of there being no
> /dev/random. named was one thing, but I know there were others.
It sounds like this is not a headless machine, correct?
I'll enable named on my test machine and see if I get the whine about
lack of /dev/random. Note that OpenSSL (and thus OpenSSH) handle the
lack of /dev/random. (and do so without warning or other indication)
Are there other non-default daemons you enable.
--
-- David (obrien at FreeBSD.org)
More information about the freebsd-arch
mailing list