On Sun, Jul 16, 2000 at 09:42:29PM +0200, Mark Murray wrote:
> > On Sun, Jul 16, 2000 at 08:26:44PM +0200, Mark Murray wrote:
> >
> > > Gotcha - fix coming; I need to stash some randomness at shutdown time, and
> > > use that to reseed the RNG at reboot time.
> >
> > ... and for installations where ssh-keygen is run the first time
> > the system boots?
>
> The situation is _worse_; the entropy is minimal, and is _very_ attackable.
What's wrong about timers for enthropy (I mean high resolution ones)?
Really we need only few bytes of enthropy and can use them to seed RNG for the
first time if no true randomness available. To be joking: MD5 of kernel module
can help too :-)
--
Andrey A. Chernov
<[EMAIL PROTECTED]>
http://ache.pp.ru/
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
