Re: cprng sysctl: WARNING pseudorandom rekeying.

[Iain Hibbert <plunky%rya-online.net@localhost>]

On Fri, 9 Nov 2012, Thor Lancelot Simon wrote:

> On Fri, Nov 09, 2012 at 05:07:38PM +0000, Iain Hibbert wrote:
> > I get the above message during boot up. Every boot. Twice. At the same
> > place..
> >
> > Why is it necessary to SHOUT a warning, about what seems to be a normal
> > occurrence?
>
> It should not be a normal occurrence.  Does your port support loading
> entropy from the bootblocks?  If so, you probably want to turn that on.

It is an i386 machine.. how do I know if the port supports that?

also

- how do I turn that on?

- why do I want to turn that on?

- how serious is it, in reality?

- if the port does not support it then how can I disable the warning?

- if it is necessary, why is it not the default?

- how do I generate the 'entropy' that is loaded?

- how can it be entropy, if it is loaded from the bootblocks?

- what stored it in the bootblocks?

I'm asking these questions because I can't find any documentation about
this warning, which appears twice during every normal boot on my laptop
(which is shutdown -p when unused, since I am off grid). I guess that if
this is part of the rnd(4) pseudo-device then there should be a
DIAGNOSTICS section there explaining what this message means and what to
do about it..

thanks,
iain