Re: getrandom and getentropy

On Tue, May 12, 2020 at 10:00:20AM +0300, Andreas Gustafsson wrote:
> we have entropy when we don't.  Adding more sources could mean
> reintroducing some timing based sources after careful analysis, but
> also things like having the installer install an initial random seed
> on the target machine (and if the installer itself lacks entropy,
> asking the poor user to pound on the keyboard until it does).

I was thinking about the installer part and wondered if there is a less
obstrusive way - like: I know I have machines in my local network (a) that
I trust and (b) that I know have good entropy. Could the installer (on
request) bring up the network and query some things like time from a time
server and entropy from a known good source? The keyboard method would
of course still be needed as many users won't have the needed local servers.


