Re: Waiting for Randot (or: nia and maya were right and I was wrong)

[nia <nia%NetBSD.org@localhost>]

On Mon, Jan 11, 2021 at 12:23:46PM +0100, Martin Husemann wrote:
> I still think that this should be dealt with (once and for all) at
> installation time (as we did for a short period, for some machines and
> install methods) - but apparently it is impossible to reach consensus
> on the wording and supported methods, so I won't touch it.
> 
> Martin

I don't think more options should be added to the installer (it has
too many things that are confusing to a new user already), but I
also do not think that manual input of entropy is something that
should ever be exposed to users.

I also don't think the installer is a place where anything can
be solved "once and for all" - there are architectures that do not
use it at all, where either a HWRNG is unavailable or is not trusted
(e.g. sunxi devices).

I still think my idea to record a second of noise from /dev/audio on
machines that totally lack other strong sources is a good one. We did
already put together the code and test it on a range of hardware and
VMs.

Overall though I'm reasonably happy with this compromise, although
it would still make me sleep safer at night if we very conservatively
added a bit from environmental sensors ever so often - perhaps based
on a advance measurements from a range of hardware rather than
runtime calculations.

The man page is very clearly written, aside from the parts that
recommend tossing coins.