Re: default sshd host keys

To: tech-security%netbsd.org@localhost
Subject: Re: default sshd host keys
From: Matthew Mondor <mm_lists%pulsar-zone.net@localhost>
Date: Thu, 4 Oct 2012 06:16:48 -0400

On Wed, 3 Oct 2012 10:13:03 -0400
Thor Lancelot Simon <tls%panix.com@localhost> wrote:

> On Wed, Sep 05, 2012 at 12:25:20AM -0400, Matthew Mondor wrote:
> > 
> > I think this could be a problem at first boot, but netbsd-6 also seems
> > to now have /etc/rc.d/random_seed.  However this might be disabled by
> > default, because I seem to lack /var/db/entropy-file on a local
> > netbsd-6 system here (and no mention of it in rc.conf(5))...
> 
> Why would you expect to have a /var/db/entropy-file while the system is
> running?

I simply assumed it should be there by the looks
of /etc/rc.d/random_seed, where the load function doesn't delete the
file.  If the file is removed afterwards as a security measure I'm all
for it, though.

I also had no idea about the relation with boot.cfg, but I did see the
rndseed option there after it was mentioned here, thanks for the
mention.

Thanks,
-- 
Matt

Follow-Ups:
- Re: default sshd host keys
  - From: Alan Barrett

References:
- default sshd host keys
  - From: Taylor R Campbell
- Re: default sshd host keys
  - From: David Laight
- Re: default sshd host keys
  - From: Matthew Mondor
- Re: default sshd host keys
  - From: Thor Lancelot Simon

Prev by Date: Re: default sshd host keys
Next by Date: Re: default sshd host keys
Previous by Thread: Re: default sshd host keys
Next by Thread: Re: default sshd host keys
Indexes:

Home | Main Index | Thread Index | Old Index