tech-kern archive


Re: cprng sysctl: WARNING pseudorandom rekeying.



On Sat, Nov 10, 2012 at 12:39:59AM +0700, Robert Elz wrote:
> 
> How?
> 
> And if that's something that is supposed to be enabled, why does the
> default install not just enable it?

Did you install by upgrading?  If so, I think what you've run into is
that your boot loader configuration has the old default entries (or
whatever changes you made to them) and not the new defaults.

In NetBSD 6.0 and later, entropy is saved by the system shutdown
scripts and is loaded from the filesystem by either the bootblocks
(if they know how: i386 and amd64) or a startup script.

If your system has few sources of entropy, and you don't have
your bootblocks configured to load saved entropy, it is likely
that the kernel will need to consume entropy for something
before the rc scripts run and have a chance to load in the
saved entropy from userspace.

This results in the output RNG being keyed from entropy-pool state
which we don't believe has enough bits to be safe.

Since we can't tell what the entropy is being used _for_, we can't
somehow tell how much it matters.  The only responsible thing to do
is warn the user.

We do need to find a way to ensure that upgrades result in boot.conf
files which will automatically load entropy if possible.

-- 
 Thor Lancelot Simon  tls%panix.com@localhost
   But as he knew no bad language, he had called him all the names of common
 objects that he could think of, and had screamed: "You lamp!  You towel!  You
 plate!" and so on.              --Sigmund Freud
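
An added example, not part of the original message or of NetBSD's own scripts: a check for the situation described above, where boot menu entries left over from an upgrade boot the kernel without first loading saved entropy. It assumes the boot.cfg(5) `menu=Description:cmd;cmd` syntax and the `rndseed` bootloader command, neither of which is named in the message; the sample configuration is constructed.

```sh
#!/bin/sh
# Added example: report boot menu entries that start a kernel without
# loading a saved entropy file first.
# Assumptions (not stated in the message): boot.cfg(5) menu syntax
#   menu=Description:cmd1;cmd2
# and the "rndseed <file>" bootloader command.

# entries_without_seed [FILE...]
# Reads boot configuration from FILE(s) or stdin. Prints the description of
# each menu entry that runs "boot" with no "rndseed <file>" before it.
# Exit status: 0 if every booting entry is seeded, 1 otherwise.
entries_without_seed() {
    awk '
        /^[ \t]*menu=/ {
            line = $0
            sub(/^[ \t]*menu=/, "", line)
            sep = index(line, ":")          # first colon ends the description
            if (sep == 0) next
            desc = substr(line, 1, sep - 1)
            n = split(substr(line, sep + 1), cmds, ";")
            seeded = 0
            for (i = 1; i <= n; i++) {
                c = cmds[i]
                sub(/^[ \t]+/, "", c)
                if (c ~ /^rndseed[ \t]+[^ \t]/) {
                    seeded = 1              # entropy file loaded before boot
                } else if ((c == "boot" || c ~ /^boot[ \t]/) && !seeded) {
                    print desc
                    bad = 1
                    break
                }
            }
        }
        END { exit (bad ? 1 : 0) }
    ' "$@"
}

# Constructed sample: two old-style entries and one that loads saved entropy.
sample_cfg() {
    cat <<'EOF'
menu=Boot normally:boot netbsd
menu=Boot single user:boot netbsd -s
menu=Boot with saved entropy:rndseed /var/db/entropy-file;boot netbsd
menu=Drop to boot prompt:prompt
default=1
timeout=5
EOF
}

sample_cfg | entries_without_seed || echo "^ these entries boot without saved entropy"
```
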

