On Fri, Jan 15, 2021 at 11:07:12AM +0100, Martin Husemann wrote: > On Fri, Jan 15, 2021 at 09:25:41AM +0100, Manuel Bouyer wrote: > > > If a machine doesn't have any unpredictable inputs, well, there's no > > > magic we can do -- you can copy a seed over from another machine (on a > > > > Yes. I just want to make sure this will remain an option. For this to > > work the machine has to come up multiuser with working network ... > > The (currently disabled) code in sysinst offers to fetch it via network just > like it fetches sets.
Can we create a random stream for all such situations instead of a file? Say open a TCP/IP connection to some NetBSD server that spits out a X number of random bytes by its random generator and then closes the stream? Each opening will then have real random bytes and provide an unique seed for each RNG compromised system. Reinoud
