Yep is probably better. I did think something dough when writing the service. For some reason I thought that /etc was mounted readonly and only writeable by the guix daemon - which is obviously not the case - and that the vm virtual disk was readonly - which has a unionfs overlay.
So I can't find a reason not to use the -R option (even if I'd feel better now if I could =P) Thank you for pointing this out. On Sun, Jul 10, 2016 at 12:43 AM, Leo Famulari <l...@famulari.name> wrote: > On Sat, Jul 09, 2016 at 06:41:25PM -0400, Leo Famulari wrote: >> On Thu, Jul 07, 2016 at 01:25:17PM -0400, Leo Famulari wrote: >> > If so, what does Dropbear do? How does it get random numbers to generate >> > the host key? >> >> I looked into it — Dropbear uses /dev/urandom, which *may* not be safe >> to use immediately after first boot. >> >> What do you think about implementing the '-R' option, described below? > > To clarify, I'm also asking what you think about making it the default > for the dropbear-service.
