Subject: Re: enabling rnd(4) by default
To: Todd Vierling <email@example.com>
From: None <firstname.lastname@example.org>
Date: 02/15/2001 09:51:27
>: given the increasing number of crypto-ish tools used in the system,
>: I'm wondering if it is a good idea to enable rnd(4) device by default,
>: in sys/conf/files. it is rather hard for us to enforce its
>: availability by having it in all kernel configuration file.
>: what do people think? are there any real trouble if we enable it
>: by default?
>It should be fine remaining in kernel config files.
>We should make *more* kernel trimming options available, not less.
well that depends... rnd(4) is mandatory for using ssh/sshd,
which are 99% mandatory for every machines around here. also note
that with no rnd(4) some software fails badly with poor random number
generator (there can be other way to fix, but there's no general
solution other than to provide a good rnd(4)).
maybe the part of the problem is that we cannot remove devices/options
in kernel configuration file.