Querying entropy state

Chris Rees

May 15, 2018, 7:45:05 AM
Hello all,

Since the new random device has been put in, sysutils/monitorix no
longer has a sysctl to poll to view the current state of entropy (i.e.
kern.random.sys.seeded).

I have come to the understanding that it is no longer necessary or
relevant information with the new driver, and entropy is always at an
acceptable state; the author has suggested disabling this test on FreeBSD.

Am I correct that there is no point in checking for entropy any more,
and the entropy is unmeasurable?

Chris

_______________________________________________
freebsd-...@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-securi...@freebsd.org"

RW via freebsd-security

May 15, 2018, 10:58:25 AM
On Tue, 15 May 2018 12:17:28 +0100
Chris Rees wrote:

> Hello all,
>
> Since the new random device has been put in, sysutils/monitorix no
> longer has a sysctl to poll to view the current state of entropy
> (i.e. kern.random.sys.seeded).
>
> I have come to the understanding that it is no longer necessary or
> relevant information with the new driver, and entropy is always at an
> acceptable state; the author has suggested disabling this test on
> FreeBSD.
>
> Am I correct that there is no point in checking for entropy any more,
> and the entropy is unmeasurable?

It hasn't been for many years.

kern.random.sys.seeded was set when yarrow first seeded itself after a
boot. As long as there's an entropy file this happened very early, and
ordinary computers would spontaneously seed well before that. The
sysctl was only relevant in some special cases like certain embedded
devices.

RW via freebsd-security

May 15, 2018, 11:55:57 AM
On Tue, 15 May 2018 15:54:44 +0100
RW wrote:

> On Tue, 15 May 2018 12:17:28 +0100
> Chris Rees wrote:
>
> > Hello all,
> >
> > Since the new random device has been put in, sysutils/monitorix no
> > longer has a sysctl to poll to view the current state of entropy
> > (i.e. kern.random.sys.seeded).
> >
> > I have come to the understanding that it is no longer necessary or
> > relevant information with the new driver, and entropy is always at
> > an acceptable state; the author has suggested disabling this test on
> > FreeBSD.
> >
> > Am I correct that there is no point in checking for entropy any
> > more, and the entropy is unmeasurable?
>
> It hasn't been for many years.
>
> kern.random.sys.seeded was set when yarrow first seeded itself after a
> boot. As long as there's an entropy file this happened very early, and
> ordinary computers would spontaneously seed well before that. The
> sysctl was only relevant in some special cases like certain embedded
> devices.

And now I come to think of it, initrandom would throw in some low grade
entropy to unblock the device even if there was no entropy file, so
with the standard rc files the sysctl did nothing useful.
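
A monitoring probe consistent with the replies above, as an added example that is not part of the thread or of monitorix: it reads kern.random.sys.seeded only if the OID exists and reports its absence as a reason to skip the check rather than as a failure. `SYSCTL_CMD` and the state names are assumptions introduced here so the probe can be exercised with a stub.

```shell
#!/bin/sh
# Added example: probe the legacy "seeded" flag without assuming it exists.
# SYSCTL_CMD is a hypothetical override (not a monitorix or FreeBSD setting)
# that lets the probe be tested with a stub instead of the real sysctl(8).
OID="kern.random.sys.seeded"

entropy_seeded_state() {
    # -n prints only the value. stderr is discarded because a missing OID
    # is the expected outcome on systems with the newer random device.
    if ! value=$("${SYSCTL_CMD:-sysctl}" -n "$OID" 2>/dev/null); then
        echo "unavailable"   # OID absent: skip the check, do not alert
        return 0
    fi
    case "$value" in
        1) echo "seeded" ;;
        0) echo "unseeded" ;;  # per the thread, only before the first seeding after boot
        *) echo "unknown" ;;   # unexpected value: report it rather than guess
    esac
}
```

A caller would drop the entropy graph when the result is `unavailable` and alert only on `unseeded` or `unknown`.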