On Tue, May 24, 2016 at 09:05:21AM +0200, Taylan Ulrich Bayırlı/Kammer wrote: > Leo Famulari <[email protected]> writes: > > Does anyone have advice about the service? Am I wrong that we need to > > seed /dev/urandom to make it work properly? > > Yes, this is necessary under Linux if you want urandom to be random > enough immediately after boot, and all the distros do it as part of > their init. > > There's also an interesting implication here about the very first time > you boot the system and don't have a urandom seed file from the last > shutdown yet. I don't know how this is typically handled, given that > for instance it's quite possible that a user might generate SSH keys > shortly after their first boot of a system.
When I boot a GuixSD VM for the first time [0], it requires me to dance on the keyboard until it has collected ~200 bits of entropy. I assumed this is to properly bootstrap the CSPRNG in /dev/urandom, but I'm not sure. [0] I don't remember if I had to do this on bare metal.
