tech-kern archive


Re: regarding the changes to kernel entropy gathering



> Date: Sun, 4 Apr 2021 10:40:22 -0400 (EDT)
> From: Mouse <mouse%Rodents-Montreal.ORG@localhost>
> 
> > What NetBSD-current is telling you on your Xen system, on a CPU
> > predating RDRAND/RDSEED, is the unfortunate truth that there is no
> > reliable source of entropy available in your system --
> 
> Not quite.  That there is nothing which NetBSD, independent of the
> sysadmin, is confident is a reliable source of entropy.
> 
> It's entirely possible one or more of those sources actually does
> supply usable entropy, but NetBSD doesn't realize that (and, as I
> understand it, provides no way for the sysadmin to fix that, short of
> hacking on the source).

If the sysadmin knows something NetBSD doesn't, it is easy for the
sysadmin to convince NetBSD to unblock by writing 32 bytes to
/dev/random as root.  No need to hack any source.

(This shouldn't be an automatic recipe, though, because it depends on
specific knowledge of the system in question which the authors of the
device drivers and the rest of the software didn't know.  And if you
have done that once, you can let NetBSD take care of it automatically
on subsequent boots by running `/etc/rc.d/random_seed stop' to save a
seed to disk.)

