On Tue, May 12, 2020 at 10:00:20AM +0300, Andreas Gustafsson wrote: > we have entropy when we don't. Adding more sources could mean > reintroducing some timing based sources after careful analysis, but > also things like having the installer install an initial random seed > on the target machine (and if the installer itself lacks entropy, > asking the poor user to pound on the keyboard until it does).
I was thinking about the installer part and wondered if there is a less obstrusive way - like: I know I have machines in my local network (a) that I trust and (b) that I know have good entropy. Could the installer (on request) bring up the network and query some things like time from a time server and entropy from a known good source? The keyboard method would of course still be needed as many users won't have the needed local servers. Martin
