[systemd-devel] Why we need to read/save random seed?

Reindl Harald h.reindl at thelounge.net
Wed Jun 17 01:40:45 PDT 2015


On 17.06.2015 at 05:06, cee1 wrote:
> 2015-06-16 0:21 GMT+08:00 Lennart Poettering <lennart at poettering.net>:
>> On Mon, 15.06.15 23:33, cee1 (fykcee1 at gmail.com) wrote:
>>> Hi,
>>>
>>> I maybe got confused.
>>>
>>> First, systemd-random-seed.service will save a "seed" from
>>> /dev/urandom when shutdown, and load that "seed" to /dev/urandom when
>>> next boot up.
>>>
>>> My questions are:
>>> 1. Can we not save a seed, but load a seed that is read from **
>>> /dev/random ** to ** /dev/urandom **?
>>
>> The seed is used for both. Then you'd feed the stuff you got from the
>> RNG back into the RNG which is a pointless exercise.
>
> systemd-random-seed.service will load the "seed on disk" to
> /dev/urandom, and save a "seed" to disk when shutdown, right?
>
> The article at http://www.2uo.de/myths-about-urandom/ suggests
> saving the seed as soon as there is enough entropy (means read from
> /dev/random? if returns, there's enough entropy),

well, so you read the seed and inject it to /dev/random followed by read 
/dev/random and overwrite the seed for the next boot - doesn't sound that 
good

> Saving the seed early makes it more tolerant against the case of
> system crashes - that means not shut down properly (which may be the case
> on some mobile device such as STB

if a system doesn't shut down properly all the time fix that problem

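The load-then-refresh sequence debated in this thread, as an added example that is not part of the original post and is not systemd's code: the saved seed is mixed into the pool at boot and the seed file is replaced immediately, so an unclean shutdown cannot cause the same seed to be loaded twice. The function name, the 512-byte seed size and the `pool_path` parameter are assumptions made for illustration.

```python
import os
import tempfile


def load_and_refresh_seed(seed_path, pool_path="/dev/urandom", size=512):
    """Mix the saved seed into the pool, then replace it; return bytes loaded."""
    try:
        with open(seed_path, "rb") as f:
            old_seed = f.read(size)
    except FileNotFoundError:
        old_seed = b""  # first boot: there is no seed to load yet

    if old_seed:
        # Writing to the device mixes the bytes in; it does not credit entropy.
        with open(pool_path, "wb", buffering=0) as pool:
            pool.write(old_seed)

    # Draw the next seed only after the old one has been mixed in.
    new_seed = os.urandom(size)

    # Temp file in the same directory (mkstemp creates it with mode 0600),
    # fsync, then rename: a crash leaves the old or the new seed, never half.
    directory = os.path.dirname(os.path.abspath(seed_path))
    fd, tmp_path = tempfile.mkstemp(dir=directory, prefix=".seed-")
    with os.fdopen(fd, "wb") as f:
        f.write(new_seed)
        f.flush()
        os.fsync(f.fileno())
    os.replace(tmp_path, seed_path)

    # Persist the rename itself so it survives a power loss.
    dir_fd = os.open(directory, os.O_RDONLY)
    try:
        os.fsync(dir_fd)
    finally:
        os.close(dir_fd)
    return len(old_seed)
```
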