On 2010-12-23 09:44, Clint Pachl wrote:
> Salvador Fandiqo wrote:
>> On 12/23/2010 06:39 AM, Marsh Ray wrote:
>>> On 12/22/2010 03:49 PM, Clint Pachl wrote:
>>>> Salvador Fandiqo wrote:
>>>>>
>>>>> Could a random seed be patched into the kernel image at installation
>>>>> time?
>>>>> Admittedly this is not entropy, this is a just secret key and anyone
>>>>> with access to the machine would be able to read it,
>>>
>>> How is it different than any other installation file then?
>>
>> because it is accessible *before* any filesystem is mounted, from second 0 of
>> the boot process.
>>
>>
> This reminds me of something.
> 
> The last time I installed FreeBSD about 5 years ago, it asked me to pound on 
> the
> keyboard for like 60 seconds during installation (or at first boot, can't
> remember) in order to build up some "randomness". I wonder what kind of 
> entropy
> that provided?
> 

It was only the first time sshd starts to generate enough entropy for the
ssh-key generation.

http://www.freebsd.org/cgi/cvsweb.cgi/src/etc/rc.d/sshd?rev=1.14;content-type=text%2Fplain

Reply via email to