diff --git a/etc/crontab b/etc/crontab index 784980c48d63..1f0950efcbbc 100644 --- a/etc/crontab +++ b/etc/crontab @@ -8,6 +8,9 @@ HOME=/var/log # #minute hour mday month wday who command # +# save some entropy so that /dev/random can reseed on boot +*/3 * * * * operator /usr/libexec/save-entropy +# */5 * * * * root /usr/libexec/atrun # # rotate log files every hour, if necessary diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf index b76156409d53..7e3d2767c48f 100644 --- a/etc/defaults/rc.conf +++ b/etc/defaults/rc.conf @@ -324,6 +324,9 @@ start_vinum="" # set to YES to start vinum unaligned_print="YES" # print unaligned access warnings on the alpha (or NO). entropy_file="/entropy" # Set to NO to disable caching entropy through reboots. # /var/db/entropy is preferred if / is not available. +entropy_dir="/.entropy" # Set to NO to disable caching entropy via cron. +entropy_save_sz="2048" # Size of the entropy cache files. +entropy_save_num="8" # Number of entropy cache files to save. ############################################################## ### Define source_rc_confs, the mechanism used by /etc/rc.* ## diff --git a/etc/mtree/BSD.root.dist b/etc/mtree/BSD.root.dist index e6e9a4d64c3a..0fc9833f2040 100644 --- a/etc/mtree/BSD.root.dist +++ b/etc/mtree/BSD.root.dist @@ -5,6 +5,10 @@ /set type=dir uname=root gname=wheel mode=0755 . +/set type=dir uname=operator gname=operator mode=0700 + .entropy + .. +/set type=dir uname=root gname=wheel mode=0755 bin .. boot diff --git a/etc/rc b/etc/rc index d3db56a37c40..3f9fba7cc905 100644 --- a/etc/rc +++ b/etc/rc 
@@ -102,16 +102,34 @@ chkdepend NIS nis_client_enable portmap portmap_enable # First pass at entropy recovery so the rebooting /dev/random can reseed. # +feed_dev_random() { + if [ -f "${1}" -a -r "${1}" -a -s "${1}" ]; then + echo "Using ${1} as an entropy file" + cat ${1} > /dev/random 2> /dev/random && + entropy_reseeded=yes + fi +} + case ${entropy_file} in [Nn][Oo] | '') ;; *) if [ -w /dev/random ]; then - if [ -f "${entropy_file}" -a -r "${entropy_file}" -a \ - -s "${entropy_file}" ]; then - echo "Using ${entropy_file} as an entropy file" - cat ${entropy_file} > /dev/random 2> /dev/random - entropy_reseeded=yes + feed_dev_random "${entropy_file}" + fi + ;; +esac + +case ${entropy_dir} in +[Nn][Oo]) + ;; +*) + entropy_dir=${entropy_dir:-/.entropy} + if [ -d "${entropy_dir}" ]; then + if [ -w /dev/random ]; then + for seedfile in ${entropy_dir}/*; do + feed_dev_random "${seedfile}" + done fi fi ;; @@ -219,20 +237,18 @@ yes) if [ -w /dev/random ]; then if [ -f "${entropy_file}" -a -r "${entropy_file}" -a \ -s "${entropy_file}" ]; then - echo "Using ${entropy_file} as an entropy file" - cat ${entropy_file} > /dev/random 2> /dev/random + feed_dev_random "${entropy_file}" elif [ "${entropy_file}" != /var/db/entropy -a \ -f /var/db/entropy -a -r /var/db/entropy -a \ -s /var/db/entropy ]; then - echo 'Using /var/db/entropy as an entropy file' - cat /var/db/entropy > /dev/random 2> /dev/random + feed_dev_random /var/db/entropy else echo "Can't use ${entropy_file} as an entropy file, trying other sources" # XXX temporary until we can get the entropy # harvesting rate up # Entropy below is not great, # but better than nothing. - (ps -gauxwww; iostat; vmstat; sysctl -a; + (ps -gauxwww; sysctl -a; dmesg) | /bin/dd of=/dev/random bs=8k 2>/dev/null ( for i in /etc /var/run ; do cd $i ; ls -al ; cat * diff --git a/libexec/Makefile b/libexec/Makefile index c051e13ff89e..6ee31ed4ab73 100644 --- a/libexec/Makefile +++ b/libexec/Makefile 
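Review bot: In the new `feed_dev_random` the argument is tested quoted but fed unquoted, `cat ${1} > /dev/random 2> /dev/random &&`, so a path with whitespace or glob characters that passes the `-f`/`-r`/`-s` test is word-split on the next line; write `cat "${1}" > /dev/random 2> /dev/random &&`. The same applies to `for seedfile in ${entropy_dir}/*; do` in the new `entropy_dir` case. Separately, consumed seed files are left untouched, so if the next reboot happens before cron has rotated them the same bytes are fed to /dev/random again; truncating or unlinking each file once it has been written would avoid that, and the cron job recreates them. The second hunk in this file (`@@ -219,20 +237,18 @@`) calls the same function and inherits the quoting point.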
@@ -22,6 +22,7 @@ SUBDIR= atrun \
 rpc.rwalld \
 rpc.sprayd \
 rshd \
+ save-entropy \
 talkd \
 tftpd \
 xtend \
diff --git a/libexec/save-entropy/Makefile b/libexec/save-entropy/Makefile
new file mode 100644
index 000000000000..c3de2caaf45c
--- /dev/null
+++ b/libexec/save-entropy/Makefile
@@ -0,0 +1,10 @@
+# $FreeBSD$
+
+NOMAN= noman
+
+beforeinstall:
+ ${INSTALL} -c -o operator -g operator -m 500 \
+ ${.CURDIR}/save-entropy.sh ${DESTDIR}${BINDIR}/save-entropy
+
+.include
+
diff --git a/libexec/save-entropy/save-entropy.sh b/libexec/save-entropy/save-entropy.sh
new file mode 100755
index 000000000000..4a84fd741959
--- /dev/null
+++ b/libexec/save-entropy/save-entropy.sh
@@ -0,0 +1,82 @@
+#!/bin/sh
+#
+# Copyright (c) 2001 The FreeBSD Project
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+#
+# $FreeBSD$
+
+# This script is called by cron to store bits of randomness which are
+# then used to seed /dev/random on boot.
+
+PATH=/bin:/usr/bin
+
+# If there is a global system configuration file, suck it in.
+#
+if [ -r /etc/defaults/rc.conf ]; then
+ . /etc/defaults/rc.conf
+ source_rc_confs
+elif [ -r /etc/rc.conf ]; then
+ . /etc/rc.conf
+fi
+
+case ${entropy_dir} in
+[Nn][Oo])
+ exit 0
+ ;;
+*)
+ entropy_dir=${entropy_dir:-/.entropy}
+ ;;
+esac
+
+entropy_save_sz=${entropy_save_sz:-2048}
+entropy_save_num=${entropy_save_num:-8}
+entropy_save_jot=$(($entropy_save_num - 1))
+
+if [ ! 
-d "${entropy_dir}" ]; then
+ umask 077
+ mkdir "${entropy_dir}" || {
+ logger -is The entropy directory "${entropy_dir}" does not \
+exist, and cannot be created. Therefore no entropy can be saved. ;
+ exit 1;}
+ /usr/sbin/chown operator:operator "${entropy_dir}"
+ chmod 0700 "${entropy_dir}"
+fi
+
+rm -f "${entropy_dir}/saved-entropy.${entropy_save_num}"
+
+umask 377
+
+for file_num in `jot ${entropy_save_jot} ${entropy_save_jot} 1`; do
+ if [ -f "${entropy_dir}/saved-entropy.${file_num}" ]; then
+ new_num=$(($file_num + 1))
+ mv "${entropy_dir}/saved-entropy.${file_num}" \
+ "${entropy_dir}/saved-entropy.${new_num}"
+ fi
+done
+
+dd if=/dev/random of="${entropy_dir}/saved-entropy.1" \
+ bs=2048 count=1 2> /dev/null
+
+exit 0
+
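Review bot: `entropy_save_sz` is defaulted to 2048 near the top of save-entropy.sh but never used: the final `dd` hard-codes `bs=2048 count=1`, so the rc.conf knob this diff adds has no effect; change that line to `bs="${entropy_save_sz}" count=1 2> /dev/null`. The existence check is only `if [ ! -d "${entropy_dir}" ]`, so an already-present directory with a different owner or a wider mode than the mkdir branch and the mtree entry establish is written to as-is; verifying owner and mode before saving seed material there would close that gap. `dd`'s stderr is discarded and the script ends with `exit 0` unconditionally, so a failed save is invisible to cron; an `|| logger -is ...` on the dd, as the mkdir branch already does, would report it.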