Add entropy caching. With this, some entropy is cached at shutdown
time, and this is used to reseed the random number generator at boot time. NOTE - this has no hope of working if you halt(); you need to execute rc.shutdown to get the entropy stash.
This commit is contained in:
parent
8d78207585
commit
968e0bbd12
@ -291,6 +291,8 @@ kern_securelevel_enable="NO" # kernel security level (see init(8)),
|
||||
kern_securelevel="-1" # range: -1..3 ; `-1' is the most insecure
|
||||
update_motd="YES" # update version info in /etc/motd (or NO)
|
||||
start_vinum="" # set to YES to start vinum
|
||||
entropy_file="/var/db/entropy"
|
||||
# Set to NO to disable caching entropy through reboots
|
||||
|
||||
##############################################################
|
||||
### Define source_rc_confs, the mechanism used by /etc/rc.* ##
|
||||
|
14
etc/rc
14
etc/rc
@ -132,6 +132,20 @@ if [ -n "${diskless_mount}" -a -r "${diskless_mount}" ]; then
|
||||
sh ${diskless_mount}
|
||||
fi
|
||||
|
||||
# Recover some entropy so the rebooting /dev/random can reseed
|
||||
#
|
||||
case ${entropy_file} in
|
||||
[Nn][Oo] | '')
|
||||
;;
|
||||
*)
|
||||
if [ -f ${entropy_file} -a -r ${entropy_file} ] ; then
|
||||
echo -n "Reading entropy file"
|
||||
cat ${entropy_file} > /dev/random
|
||||
rm -f ${entropy_file}
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
|
||||
adjkerntz -i
|
||||
|
||||
clean_var() {
|
||||
|
@ -26,6 +26,21 @@ elif [ -r /etc/rc.conf ]; then
|
||||
. /etc/rc.conf
|
||||
fi
|
||||
|
||||
# Write some entropy so the rebooting /dev/random can reseed
|
||||
#
|
||||
case ${entropy_file} in
|
||||
[Nn][Oo] | '')
|
||||
;;
|
||||
*)
|
||||
if [ -f ${entropy_file} -a -r ${entropy_file} ] ; then
|
||||
echo -n "Writing entropy file"
|
||||
touch ${entropy_file} && \
|
||||
chmod 600 ${entropy_file} && \
|
||||
dd if=/dev/random of=${entropy_file} bs=4096 count=1
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
|
||||
# Check if /var/db/mounttab is clean.
|
||||
case $1 in
|
||||
reboot)
|
||||
|
Loading…
Reference in New Issue
Block a user