On Sun, Apr 04, 2021 at 11:02:02PM +, Taylor R Campbell wrote:
>
> Lots of SoCs have on-board RNGs these days; there are Intel and ARM
> CPU instructions (no ARMv8.5 hardware yet that I know of, but we're
> ready for its RNG!); some crypto decelerators like tpm(4), ubsec(4),
> and hifn(4)
On Tue, Apr 06, 2021 at 10:54:51AM -0700, Greg A. Woods wrote:
> At Mon, 5 Apr 2021 23:18:55 -0400, Thor Lancelot Simon wrote:
>
> > But what you're missing is that neither does what you
> > think. When rndctl -L runs after the system comes up multiuser, all
> > entropy samples that have been
At Wed, 7 Apr 2021 22:47:39 +0200, Martin Husemann wrote:
Subject: Re: regarding the changes to kernel entropy gathering
>
> When you create a custom setup like that, you will have to replace
> etc/rc.d/entropy with a custom solution (e.g. mounting some flash storage).
No storage means "NO
On Wed, Apr 07, 2021 at 12:14:58PM -0700, Greg A. Woods wrote:
> > You run it once. Manually. And never again.
>
> Nope, sorry, that's not a good enough answer.
It is for the typical and default installs.
> It doesn't solve the
> problem of dealing with a lack of mutable storage.
When you
At Wed, 7 Apr 2021 09:52:29 +0200, Martin Husemann wrote:
Subject: Re: regarding the changes to kernel entropy gathering
>
> On Tue, Apr 06, 2021 at 03:12:45PM -0700, Greg A. Woods wrote:
> > > Isn't it as simple as:
> > >
> > > dd bs=32 if=/dev/urandom of=/dev/random
> >
> > No, that still
On Wed, Apr 07, 2021 at 07:53:07AM -0400, matthew sporleder wrote:
> So on a brand new installation/first boot why isn't the clock a
> sufficiently random thing? (anymore?)
Becaus it isn't random?
> Hung and unusable systems are a big problem. Happening on the first
> boot is not a good first
On Wed, Apr 7, 2021 at 7:10 AM Martin Husemann wrote:
>
> On Wed, Apr 07, 2021 at 07:05:12AM -0400, matthew sporleder wrote:
> > Is the issue gaw saw exclusive to xen first boots? Are there other
> > ways to end up in his situation?
>
> It happens on all new installations for machines with no
On Tue, 6 Apr 2021, RVP wrote:
On Tue, 6 Apr 2021, Taylor R Campbell wrote:
Why do you say that? We do incorporate many sources that are not
well-studied -- every keystroke, for example, and the CPU cycle
counter at the time of the keystroke, affects the output of
/dev/urandom.
Is the
On Wed, Apr 07, 2021 at 07:05:12AM -0400, matthew sporleder wrote:
> Is the issue gaw saw exclusive to xen first boots? Are there other
> ways to end up in his situation?
It happens on all new installations for machines with no RNG, which is
the far majority of everything but "newish" amd64 and
> On Apr 6, 2021, at 8:09 AM, Taylor R Campbell wrote:
>
>
>> Date: Mon, 05 Apr 2021 10:58:58 +0700
>> From: Robert Elz
>> I understand that some people desire highly secure systems (I'm not
>> convinced that anyone running NetBSD can really justify that desire,
>> but that's beside the
On Tue, Apr 06, 2021 at 06:24:38PM +, Koning, Paul wrote:
> > Isn't it as simple as:
> >
> > dd bs=32 if=/dev/urandom of=/dev/random
> >
> > ?
>
> That runs the risk of people thinking it adds entropy. I'd be more
> comfortable with this:
>
> dd bs=32 if=/dev/zero
On Tue, Apr 06, 2021 at 03:12:45PM -0700, Greg A. Woods wrote:
> > Isn't it as simple as:
> >
> > dd bs=32 if=/dev/urandom of=/dev/random
>
> No, that still leaves the question of _when_ to run it. (And, at least
> at the moment, where to put it. /etc/rc.local?)
Of course not!
You run it
12 matches
Mail list logo
