yarrow random generator

RW rwmaillists at googlemail.com
Thu Dec 24 23:13:52 UTC 2009


On Thu, 24 Dec 2009 19:48:43 +0000 (GMT)
Robert Watson <rwatson at FreeBSD.org> wrote:

> On Thu, 24 Dec 2009, Paul Graphov wrote:
> 
> > And also according to Schneier it is a good idea to save state of
> > the PRNG and restore it on boot to make it "more seeded".
> 
> In the default configuration, we save some PRNG output every few
> minutes (using cron) to a file in /var so that it can be re-injected
> into Yarrow on the next boot (done by /etc/rc.d/random).

It isn't handled very well though. The files saved by crontab
under /var are loaded a bit late in the boot sequence - after encrypted swap.

The main entropy file is loaded earlier, but immediately after
ps -fauxww, sysctl -a, etc. are dumped into the device, saturating its 4K
of buffer space.


More information about the freebsd-hackers mailing list