tech-security archive


Re: default sshd host keys



On Thu, 04 Oct 2012, Matthew Mondor wrote:
>> Why would you expect to have a /var/db/entropy-file while the system is
>> running?
>
> I simply assumed it should be there by the looks
> of /etc/rc.d/random_seed, where the load function doesn't delete the
> file.  If the file is removed afterwards as a security measure I'm all
> for it, though.

The rndctl(8) man page documents that rndctl -L deletes the file. However, it might make sense for /etc/rc.d/random_seed to verify that the file has been deleted, or to unconditionally use "rm -f" in case the file was not deleted.

--apb (Alan Barrett)
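
A sketch of the check suggested in the message above, as an added example that is not part of the original post and is not NetBSD's /etc/rc.d/random_seed. The names `load_seed_once` and `SEED_LOADER` are hypothetical; `SEED_LOADER` exists only so the logic can be exercised on systems without rndctl(8).

```shell
#!/bin/sh
# Hypothetical helper (not the NetBSD rc.d script): load a saved entropy
# seed and make sure it cannot be loaded a second time on a later boot.
# SEED_LOADER is an assumption; on NetBSD it would be "rndctl -L".
: "${SEED_LOADER:=rndctl -L}"

# load_seed_once FILE
# Returns: 0 seed loaded and file gone
#          1 loader failed (file is still removed, per "unconditionally")
#          2 FILE is missing, a symlink, or not a regular file
#          3 FILE could not be removed
load_seed_once() {
    seed=$1

    # Only accept a regular file; do not follow a symlink to some other path.
    if [ -h "$seed" ] || [ ! -f "$seed" ]; then
        return 2
    fi

    rc=0
    # Intentionally unquoted so "rndctl -L" splits into command and flag.
    $SEED_LOADER "$seed" || rc=1

    # The loader is documented to delete the file; do not rely on that.
    if [ -e "$seed" ] || [ -h "$seed" ]; then
        echo "warning: $seed still present after load; removing" >&2
        rm -f -- "$seed"
    fi

    # Verify the removal actually happened (read-only fs, odd permissions).
    if [ -e "$seed" ] || [ -h "$seed" ]; then
        echo "error: could not remove $seed" >&2
        return 3
    fi
    return "$rc"
}
```
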

