Fixing getrandom()
Fixing getrandom()
Posted Oct 4, 2019 7:14 UTC (Fri) by kmeyer (subscriber, #50720)In reply to: Fixing getrandom() by cesarb
Parent article: Fixing getrandom()
1. The installation process generates a lot of IO, sufficient to seed the CSPRNG. It should emit a seed that can be used by the next boot (much like any other reboot entropy save).
2. Optionally, the installer can also generate and write out sshd host keys. There's not a lot of reason to wait until first boot for that.
2. Optionally, the installer can also generate and write out sshd host keys. There's not a lot of reason to wait until first boot for that.
Posted Oct 4, 2019 11:36 UTC (Fri)
by Jandar (subscriber, #85683)
[Link]
Fixing getrandom()
The devices in question aren't installed individually. One image of a single install is put on thousands or millions of them, so generating host keys at installation time is the worst thing to do.