Re: svn commit: r239569 - head/etc/rc.d

David O'Brien <obrien@FreeBSD.org> writes:
> Dag-Erling Smrgrav <des@des.no> writes:
> > Speaking of rc.d and entropy, is the following code in /etc/rc.d/sshd
> > really necessary?
> > 	seeded=3D`sysctl -n kern.random.sys.seeded 2>/dev/null`
> > 	if [ "x${seeded}" !=3D "x" ] && [ ${seeded} -eq 0 ] ; then
> > 		warn "Setting entropy source to blocking mode."
> [...]
> Likely this is inspired by 3.2 'How Compromises are Exploited',
> 'Compromise of High-Value Keys Generated From Compromised Key' paragraph.
>
>     If the key that is being generated is vary valuable, the harm to the
>     system owner can be very large.

These are host keys.  I'd say they're moderately valuable - depending on
the machine and your point of view, they may be more or less valuable
than user keys - but they are usually generated under controlled
circumstances, rather than circumstances in which an attacker may be
able to influence the PRNG.

> Now that we have 'postrandom' possibly we should utilize the
> ${entropy_file} (and call postrandom again).
>
> Certainly [re]seeding with 'sysctl -a' and 'date' is poor and should be
> changed.

Well, currently it's a no-op since kern.random.sys.seeded is never 0 at
that point, if I understand correctly.

DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@des.no
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"