Port-xen archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: regarding the changes to kernel entropy gathering




> On Apr 6, 2021, at 2:21 PM, Martin Husemann <martin%duskware.de@localhost> wrote:
> 
> 
> [EXTERNAL EMAIL] 
> 
> On Tue, Apr 06, 2021 at 10:54:51AM -0700, Greg A. Woods wrote:
>> Except.... it seems to be useless in practice without an initial seed,
> 
> Yes.
> 
>> And the stock implementation has no possibility of ever providing an
>> initial seed at all on its own (unlike previous implementations, and of
>> course unlike what my patch _affords_).
> 
> Isn't it as simple as:
> 
> 	dd bs=32 if=/dev/urandom of=/dev/random
> 
> ?

That runs the risk of people thinking it adds entropy.  I'd be more comfortable with this:

	dd bs=32 if=/dev/zero of=/dev/random

because it makes the security implications more obvious.

	paul



Home | Main Index | Thread Index | Old Index