The attached patch should apply cleanly to the Debian urandom. My apologies for attaching the wrong patch previously. I picked up the Ubuntu patch instead of the Debian patch.
>From c45b19d323d5e30473d254f1d0f87f33cb86ca3b Mon Sep 17 00:00:00 2001 From: John Denker <j...@av8n.com> Date: Sat, 11 Sep 2010 10:04:48 -0700 Subject: [PATCH] Include date and time when seeding the RNG. --- urandom | 9 +++++++++ 1 files changed, 9 insertions(+), 0 deletions(-) diff --git a/urandom b/urandom index 79344cb..5e6121c 100755 --- a/urandom +++ b/urandom @@ -35,6 +35,15 @@ fi case "$1" in start|"") [ "$VERBOSE" = no ] || log_action_begin_msg "Initializing random number generator" + # Seed the RNG with date and time. + # This is helpful in the less-than-ideal case where $SAVEDFILE + # is read-only. + # The value of this is greatly reduced if $SAVEDFILE is missing, + # or its contents are shared machine-to-machine or known to + # attackers (since they might well know at what time this + # machine booted up). + date +%s.%N > /dev/random + # Load and then save $POOLBYTES bytes, # which is the size of the entropy pool if [ -f "$SAVEDFILE" ] -- 1.5.6.5
