On Mon, Mar 28, 2005 at 05:00:22PM -0500, Ed Maste wrote: > In /etc/rc.d/sshd, user_reseed() does > > seeded=`sysctl -n kern.random.sys.seeded 2>/dev/null` > if [ "${seeded}" != "" ] ; then > warn "Setting entropy source to blocking mode." > echo "====================================================" > echo "Type a full screenful of random junk to unblock" > ... > > I'm curious if checking the seeded sysctl against "" is intentional; > it seems $seeded will always be non-null. Since user_reseed only > gets called if the host keys don't exist it probably won't be much > of an issue in practice, but it seems random junk will be requested > on the first boot even if the entropy source is already seeded. I believe the goal of the script is to not trust the system entropy this time (since it's almost certainly junk.) I think the check is just to avoid this code if the sysctl doesn't exist. -- Brooks -- Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:30 UTC