Limits to seeding /dev/random | random(4)

Dirk-Willem van Gulik dirkx at webweaving.org
Fri Jul 13 15:13:11 UTC 2018


> On 13 Jul 2018, at 15:51, Ian Lepore <ian at freebsd.org> wrote:
> 
> On Thu, 2018-07-12 at 11:40 -0700, Conrad Meyer wrote:
>> Identical results are very troubling.  Maybe your readonly filesystems
>> contain a static "entropy" file that is being fed in every boot (with

Most certainly not.

>> identical contents)?  If so, you definitely want to remove that during
>> image generation.  That, in tandem with few other sources of entropy,
>> could explain identical results.

I suspect this to be the issue.
> 
> I have been reporting for years that certain kinds of embedded systems
> lead to zero entropy available at boot, including the fact that the
..
> It happens. Embedded systems are a different world, and if entropy is
> important, sometimes we have to go out of our way to provide some.

In our case it is merely a low-end machine - but diskless, read-only and with hardly any peripherals.

Dw.

