SUBMISSION: init scripts: random, portmap, nfs, sshd, mountnfs
nick at byu.edu
Mon Jan 7 20:33:13 PST 2002
On Monday 07 January 2002 19:58, you wrote:
> On Mon, Jan 07, 2002 at 07:48:08PM -0800, Nicholas Leippe wrote:
> > random
> > ======
> > saves/restores /dev/urandom, which is the kernel entropy pool-based
> > random number generator used by various encryption libraries and
> > portmap as well iirc. A possible candidate for inclusion in the
> > base LFS.
> What if there's no /var/random-seed - should we just leave the pool as-is
> and wait for it to eventually fill up enough to be secure enough?
I don't claim to know too much about this, but I just took a read
through drivers/char/random.c and it seems that from the instant the
kernel is booted entropy starts to be gathered from interrupts and
block layer traffic.
Attached is a reworked script based on the example given in random.c
itself. I have not tested it yet, but it is very similar to the one
I posted before save it is a little more thorough on file permissions
and checking the size of the entropy pool. The comments in random.c
seem to suggest that it's not a problem to save the pool right at start-up.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1339 bytes
Desc: not available
More information about the blfs-dev