Re: random.seed question

2015-11-27 Thread Craig Skinner
On 2015-11-26 Thu 15:54 PM |, Paul de Weerd wrote: > > I'd recommend sticking something in rc.local or creating an @reboot > cronjob that updates the /etc/random.seed. May not be ideal (the > entropy may not be very strong - I don't know if there is much > difference between just after boot or

Re: random.seed question

2015-11-26 Thread Theo de Raadt
> I am concerned about shutdown message about inability to dd random.seed > because of read-only file system. What would be the implications of not > writing it on shutdown? Huge loss of security in cryptographic situations. This explains the mechanism it serves:

Re: random.seed question

2015-11-26 Thread Paul de Weerd
On Thu, Nov 26, 2015 at 01:30:51PM +0100, Marko Cupa?? wrote: | Hi, | | I can't seem to find an explanation what is the purpose of random.seed | from sysadmin's point of view. Any good soul out there to point me in | the right direction? Carry entropy from the previous run to the next. This

Re: random.seed question

2015-11-26 Thread Stuart Henderson
On 2015-11-26, Paul de Weerd wrote: > On Thu, Nov 26, 2015 at 01:30:51PM +0100, Marko Cupa?? wrote: > >| The reason why I am asking is the fact that I am preparing pcengines >| apu box which needs to be read-only because of reduced sdcard wear but >| also because it is going to

Re: random.seed question

2015-11-26 Thread Paul Suh
> On Thu, Nov 26, 2015 at 01:30:51PM +0100, Marko Cupa?? wrote: > > | The reason why I am asking is the fact that I am preparing pcengines > | apu box which needs to be read-only because of reduced sdcard wear but > | also because it is going to be placed in remote environment with > | frequent

Re: random.seed question

2015-11-26 Thread Andy Bradford
Thus said Paul de Weerd on Thu, 26 Nov 2015 15:54:11 +0100: > I'd recommend trying to keep such changes to a minimum: this will be > overwritten when you upgrade and it becomes a maintenance burden. Do files in /etc no longer undergo a round of sysmerge before being written? Thanks,

Re: random.seed question

2015-11-26 Thread Theo de Raadt
> Thus said Paul de Weerd on Thu, 26 Nov 2015 15:54:11 +0100: > > > I'd recommend trying to keep such changes to a minimum: this will be > > overwritten when you upgrade and it becomes a maintenance burden. > > Do files in /etc no longer undergo a round of sysmerge before being > written?