Is it safe to generate some randomness in /tftpboot/etc/random.seed for
clients that PXE boot?
My concern is that this file will be available to everyone on the
network via TFTP. So does knowing this randomness help "predict" the
PRNG output of the clients that use it?
I read in a de Raadt interview earlier this year that there are other
sources mixed in at the boot loader state. So I'm guessing it shouldn't
hurt, but probably help. Some clarification on the subject from an
expert would be greatly appreciated.
Thanks,
Clint
- Generating random.seed for network boot clients Clint Pachl
-
