On 2010-12-23 09:44, Clint Pachl wrote:
> Salvador Fandiqo wrote:
>> On 12/23/2010 06:39 AM, Marsh Ray wrote:
>>> On 12/22/2010 03:49 PM, Clint Pachl wrote:
>>>> Salvador Fandiqo wrote:
>>>>>
>>>>> Could a random seed be patched into the kernel image at installation
>>>>> time?
>>>>> Admittedly this is not entropy, this is just a secret key and anyone
>>>>> with access to the machine would be able to read it,
>>>
>>> How is it different than any other installation file then?
>>
>> because it is accessible *before* any filesystem is mounted, from second 0 of
>> the boot process.
>>
>>
> This reminds me of something.
>
> The last time I installed FreeBSD about 5 years ago, it asked me to pound on
> the keyboard for like 60 seconds during installation (or at first boot, can't
> remember) in order to build up some "randomness". I wonder what kind of
> entropy that provided?
>
It was only the first time sshd starts to generate enough entropy for the ssh-key generation.

http://www.freebsd.org/cgi/cvsweb.cgi/src/etc/rc.d/sshd?rev=1.14;content-type=text%2Fplain