Re: seeding dev/random in 5.5

--- Doug Barton <dougb@xxxxxxxxxxx> wrote:
The patches you sent to implement this option didn't come through to the
mailing list, could you resend them please? :)

Seriously though, a lot of people looked at this problem when yarrow was
introduced, and no solution became immediately apparent. So, if someone
wants to take a crack at implementing something, knock yourself out.

Since this is the security mailing list, I would like to direct attention
to the following points:

* I see the problem in the CD procedure that a postman, who is more
sophisticated than in Leslie Nielsen's "Naked Gun 33 1/3" movie, might exchange
the media, so that you let your Netherlandish install something you don't know
and/or like. Workaround: Do you use a checksum over the media
(`md5 < /dev/acd0`) and transmit that checksum in a different way (maybe email)?

* I received a private communication yesterday about this matter. But the list
did not. I will cite (not literally) a little bit out of that message: Since
you do not know anything about the remotely created host-key, you cannot connect
safely to the freshly installed box, because: You do not even know the
signature of the new host-key, so that if you connect to the wrong box you would
not even know. Workaround: You could give all hosts the same well-known
host-key (via your install-image-CD) and then you could change the host-key in a
remotely controlled way individually and note down the signature? Maybe my
secret informer (let's call him Rasmus or RK) wants to come public... :-)

* But what if the postman (see first point) already knows the host-key from
reading the CD? Then he could log in to your boxes...


freebsd-security@xxxxxxxxxxx mailing list
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
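
The host-key point in the message above, as an added example (not part of the original message and not FreeBSD or OpenSSH code): it computes the fingerprint of the public key a box offers (what the message calls the signature) and compares it with the value noted at install time and carried over a separate channel. The key lines are constructed from arbitrary bytes, and `matches_noted` and `make_line` are hypothetical helper names.

```python
import base64
import hashlib
import hmac
import struct


def parse_pubkey_line(line):
    """Return (key_type, blob) from an OpenSSH public key line: "type base64 [comment]"."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("not an OpenSSH public key line")
    blob = base64.b64decode(fields[1], validate=True)
    if len(blob) < 4:
        raise ValueError("truncated key blob")
    # The blob begins with a length-prefixed copy of the key type; it must agree.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != fields[0].encode():
        raise ValueError("key type does not match key blob")
    return fields[0], blob


def fingerprints(line):
    """Both styles ssh prints: colon-separated MD5 hex and SHA256 base64."""
    _, blob = parse_pubkey_line(line)
    md5 = hashlib.md5(blob).hexdigest()
    md5 = ":".join(md5[i:i + 2] for i in range(0, 32, 2))
    sha = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return md5, "SHA256:" + sha


def matches_noted(line, noted):
    """True only if the offered key has the fingerprint that was noted down."""
    return any(hmac.compare_digest(fp, noted.strip()) for fp in fingerprints(line))


def make_line(raw32, comment):
    """Constructed sample: an ssh-ed25519 key line built from 32 arbitrary bytes."""
    name = b"ssh-ed25519"
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", len(raw32)) + raw32
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " " + comment


# Constructed sample keys (not real hosts): the installed box and some other box.
INSTALLED = make_line(bytes(range(32)), "root@newbox")
OTHER = make_line(bytes(range(1, 33)), "root@wrongbox")
NOTED = fingerprints(INSTALLED)[1]  # written down at install, sent out of band

if __name__ == "__main__":
    print(fingerprints(INSTALLED))
    print("installed box:", matches_noted(INSTALLED, NOTED))
    print("other box:", matches_noted(OTHER, NOTED))
```

The comparison only proves identity when the private key is unique to the box; a key shipped on every install CD yields the same fingerprint for anyone who has read the CD, which is the third point in the message.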