Re: seeding dev/random in 5.5




On Aug 8, 2006, at 12:34 PM, Doug Barton wrote:
>> (if doing this from an unattended bootup, expecting the 300 second
>> timeout, I find that sshd does not start!)
>
> I cannot imagine a scenario where a competent system administrator would do
> a clean install on a machine, reboot it, and then just walk away without
> first testing to see that all expected services (especially sshd) were
> working according to plan. If you can envision such a situation, please
> describe it in more detail.


This actually bit us too once. We were doing an unattended diskless (PXE boot) install to 50 servers at a time. These systems were for internal use only; we didn't care at all that the key generation for sshd was done in any secure way, but it meant that we either had to manually go through each server and kickstart the random number generator so sshd would work or hack the rc scripts to do what we really wanted.

We got the unattended install down to do exactly what we wanted, so there was no need really to do anything locally on each server after the install. Except this. :)


This came up a second time when we had a server on another continent lose its boot drive and we needed some "remote hands" to reinstall the OS for us. We shipped a replacement drive and an install CD configured to do an unattended/automated install. The idea was to give them a replacement hot-swap drive, and a bootable CD that did an automated install. After it was done, all they had to do was remove the CD and power cycle the server. (The people on the other end weren't very technical, so we had to make this extremely easy.) They followed the instructions, and from what we could tell by having them read the text on the screen it looked like it worked. We could ping the server, but not ssh, even though we were certain we had enabled sshd in the install.cfg file. We burned another copy of the CD image and tried it on a system locally to troubleshoot. Except that, since we were watching it, we didn't let the 300 second timeout happen because we were impatient, so it worked for us. It was only after many, many hours of debugging that we realized that letting the timeout happen was breaking sshd.

So, there are a few reasons for wanting to be able to do an install that just works right off the bat after sysinstall that don't conflict with good sysadmin practices.



Maybe sysinstall could be collecting entropy during the installation and use that for an initial seed if the timeout happens? It wouldn't be perfect, but it'd be better than killing ssh.

_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"


