tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: default sshd host keys



On Wed, 3 Oct 2012 10:13:03 -0400
Thor Lancelot Simon <tls%panix.com@localhost> wrote:

> On Wed, Sep 05, 2012 at 12:25:20AM -0400, Matthew Mondor wrote:
> > 
> > I think this could be a problem at first boot, but netbsd-6 also seems
> > to now have /etc/rc.d/random_seed.  However this might be disabled by
> > default, because I seem to lack /var/db/entropy-file on a local
> > netbsd-6 system here (and no mention of it in rc.conf(5))...
> 
> Why would you expect to have a /var/db/entropy-file while the system is
> running?

I simply assumed it should be there by the looks
of /etc/rc.d/random_seed, where the load function doesn't delete the
file.  If the file is removed afterwards as a security measure I'm all
for it, though.

I also had no idea about the relation with boot.cfg, but I did see the
rndseed option there after it was mentioned here, thanks for the
mention.

Thanks,
-- 
Matt


Home | Main Index | Thread Index | Old Index