Hi, I'm confused a little bit about the RNG in OpenBSD. if you read the following comments in /sys/dev/rnd.c the author explains how to seed the PRNG after a new boot to prevent predictable randomness: sed -n '166,206p' /sys/dev/rnd.c | more
Now, this process is done in /etc/rc the following way: (from -current) sed -n '262,277p' /usr/src/etc/rc Now my question is the following. Since /etc/netstart and pf are started before this procedure does that mean there is a tiny window upon startup that randomness is predictable? pf uses a lot of arc4random and I'm sure in the inet stack there is use of arc4random as well. regards, -peter
