Hello all. > ----- Original Message ----- > From: Robert Elz > Sent: 11/09/12 11:33 PM > To: Thor Lancelot Simon > Subject: Re: cprng sysctl: WARNING pseudorandom rekeying. > > Date: Fri, 9 Nov 2012 13:13:25 -0500 > From: Thor Lancelot Simon <t...@panix.com> > Message-ID: <20121109181325.ga19...@panix.com> > > | Did you install by upgrading? > > No, it is a fresh install off an install CD. It is on a virtualbox > running under Windows 7 (one day that really is going away, I detest > Windows...) so I can trivially do new installs, and have done several.
Yes, it's fresh install (6.x-CURRENT flood-up my 64MB /root partition, 5.x was fine with 64 MB /root like 1.6). I have to increase /root to 128 MB. > > | We do need to find a way to ensure that upgrades result in boot.conf > | files which will automatically load entropy if possible. > > I assume you mean /boot.cfg? > > It has ... > > menu=Boot normally:rndseed /var/db/entropy-file;boot netbsd > menu=Boot single user:rndseed /var/db/entropy-file;boot netbsd -s > menu=Disable ACPI:rndseed /var/db/entropy-file;boot netbsd -2 > menu=Disable ACPI and SMP:rndseed /var/db/entropy-file;boot netbsd -12 > menu=Drop to boot prompt:prompt Nice info. I have separate /var partition. I've seen the message twite: first fast boot and delayed second. > > (plus the default, timeout etc settings) default=1, which is the > "boot normally" which has the rndseed stuff in it, yet it still said > > /netbsd: cprng kernel: WARNING pseudorandom rekeying. > > when it booted (for me, unlike Iain, I think just once - but that just > means, I assume, that I am not consuming as many random bits). > > And actually looking carefully at /var/log/messages & its timestamps, > (rather than just the console without them) it seems as if it happens > a couple of hours after the system was booted. > > kre I guess these scripts too fast/slow. /var is not mounted when system is booting, thus no /var/db/entropy-file. The second issue could be triggered via get_some_random when /var is mounted (and no entropy-file again). That can occur when entropy-file is created under unmounted /var (thus no /var/db directory at all). I don't sure that script recreates /var/db directory. Thus it fails to create /var/db/entrppy-file on shutdown. No file again. I have no my book under hands. Thus it's just guess. HTH, -- ynzo