SUBMISSION: init scripts: random, portmap, nfs, sshd, mountnfs

Nicholas Leippe nick at byu.edu
Mon Jan 7 20:33:13 PST 2002


On Monday 07 January 2002 19:58, you wrote:
> On Mon, Jan 07, 2002 at 07:48:08PM -0800, Nicholas Leippe wrote:
> > random
> > ======
> > saves/restores /dev/urandom, which is the kernel entropy pool-based
> > random number generator used by various encryption libraries and
> > portmap as well iirc.  A possible candidate for inclusion in the
> > base LFS.
>
> What if there's no /var/random-seed - should we just leave the pool as-is
> and wait for it to eventually fill up enough to be secure enough?

I don't claim to know too much about this, but I just took a read
through drivers/char/random.c and it seems that from the instant the
kernel is booted entropy starts to be gathered from interrupts and
block layer traffic.

Attached is a reworked script based on the example given in random.c
itself.  I have not tested it yet, but it is very similar to the one
I posted before save it is a little more thorough on file permissions
and checking the size of the entropy pool.  The comments in random.c
seem to suggest that it's not a problem to save the pool right at start-up.


Nick
-------------- next part --------------
A non-text attachment was scrubbed...
Name: random
Type: application/x-shellscript
Size: 1339 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/blfs-dev/attachments/20020107/d27b7222/attachment.bin>
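
The save/restore logic discussed in this message, as an added example that is not the attached script or code from the list. It follows the load-then-save approach the message attributes to the random.c comments and handles the missing-seed case raised in the quoted question. The variable names `SEED_FILE`, `RANDOM_DEV` and `POOLSIZE_FILE` and the byte-valued pool size are assumptions.

```shell
#!/bin/sh
# Added example, not the attached script. The three variable names are
# assumptions; they let the functions run against scratch files.
SEED_FILE=${SEED_FILE:-/var/random-seed}
RANDOM_DEV=${RANDOM_DEV:-/dev/urandom}
POOLSIZE_FILE=${POOLSIZE_FILE:-/proc/sys/kernel/random/poolsize}

# Bytes to save: the kernel's reported pool size, else 512.
# Assumption: poolsize holds a byte count, as on 2.4 kernels.
pool_bytes() {
    bytes=512
    if [ -r "$POOLSIZE_FILE" ]; then
        val=$(cat "$POOLSIZE_FILE" 2>/dev/null)
        case $val in
            ''|*[!0-9]*) ;;                      # empty or non-numeric: keep 512
            *) if [ "$val" -gt 0 ]; then bytes=$val; fi ;;
        esac
    fi
    echo "$bytes"
}

# Mix a saved seed into the pool. Returns 1 when no seed exists; the pool
# then stays as the kernel has filled it since boot.
load_seed() {
    [ -s "$SEED_FILE" ] || return 1
    cat "$SEED_FILE" > "$RANDOM_DEV"
}

# Write a fresh seed. umask 077 means a newly created file is never readable
# by other users; chmod tightens a file that already existed.
save_seed() {
    (
        umask 077
        : >> "$SEED_FILE" && chmod 600 "$SEED_FILE" &&
            dd if="$RANDOM_DEV" of="$SEED_FILE" bs="$(pool_bytes)" count=1 2>/dev/null
    )
}

case "$1" in
    start)
        # Load, then save straight away so a crash never replays the old seed.
        load_seed || echo "no seed at $SEED_FILE, starting without one"
        save_seed
        ;;
    stop)
        save_seed
        ;;
esac
```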

