Subject: Re: add rnd(4) to install floppy
To: Jun-ichiro itojun Hagino <>
From: Klaus Klein <>
List: tech-security
Date: 09/05/2003 18:17:25 (Jun-ichiro itojun Hagino) writes:

>> I also think that the rnd(4) stuff is inappropriate.
>> A straight forward, cryptographically secure, random sequence generator
>> could be used - and wouldn't keep running out of entropy.
>> The only difficulty is getting enough randomness at the start.
> 	what do you suggest then?  prepare a special libcrypt which does not
> 	use rnd(4) just for installation floppy?

Since the originial problem was about having a better PRNG accessible
to fsirand(8), a different (and less elegant) approach could be a flag
left behind by sysinst upon which fsirand is run on the file systems
early during the next boot sequence, using rnd(4).

- Klaus