From: dyoung-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org
To: harald-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
initramfs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
vgoyal-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
chaowang-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org
Cc: Dave Young <dyoung-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Subject: [patch 2/2] ssh-client: add urandom seeding
Date: Thu, 11 Oct 2012 16:07:59 +0800 [thread overview]
Message-ID: <20121011080918.972371593@redhat.com> (raw)
In-Reply-To: 20121011080757.285843621@redhat.com
[-- Attachment #1: feeding-dev-urandom.patch --]
[-- Type: text/plain, Size: 1045 bytes --]
openssh usually depends on /dev/urandom to seeding PRNG (pseudo-random number
generator). To ensure there's sufficient entropy just feed /dev/urandom with
saved /var/lib/random-seed which is saved in installing phase.
Signed-off-by: Dave Young <dyoung-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
---
modules.d/95ssh-client/module-setup.sh | 2 ++
modules.d/95ssh-client/random-seeding.sh | 7 +++++++
2 files changed, 9 insertions(+)
--- dracut.orig/modules.d/95ssh-client/module-setup.sh
+++ dracut/modules.d/95ssh-client/module-setup.sh
@@ -48,6 +48,8 @@ inst_sshenv()
install() {
dracut_install ssh scp
+ dracut_install /var/lib/random-seed
+ inst_hook cmdline 01 "$moddir/random-seeding.sh"
inst_sshenv
}
--- /dev/null
+++ dracut/modules.d/95ssh-client/random-seeding.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
+# ex: ts=8 sw=4 sts=4 et filetype=sh
+
+if [ -f /var/lib/random-seed ]; then
+ cat /var/lib/random-seed > /dev/urandom 2>/dev/null
+fi
next prev parent reply other threads:[~2012-10-11 8:07 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-10-11 8:07 [patch 0/2] two ssh-client module fixes dyoung-H+wXaHxf7aLQT0dZR+AlfA
2012-10-11 8:07 ` [patch 1/2] ssh-client: remove ctty related check dyoung-H+wXaHxf7aLQT0dZR+AlfA
2012-10-11 8:07 ` dyoung-H+wXaHxf7aLQT0dZR+AlfA [this message]
[not found] ` <20121011080918.972371593-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2012-10-11 8:16 ` [patch 2/2] ssh-client: add urandom seeding Harald Hoyer
[not found] ` <50768041.8000803-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2012-10-11 8:25 ` Dave Young
[not found] ` <5076826D.2020201-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2012-10-11 8:27 ` Dave Young
2012-10-11 19:58 ` Vivek Goyal
[not found] ` <20121011195823.GD2218-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2012-10-12 4:44 ` Dave Young
[not found] ` <5077A035.30008-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2012-10-12 13:35 ` Vivek Goyal
[not found] ` <20121012133551.GA9490-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2012-10-13 2:11 ` Dave Young
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20121011080918.972371593@redhat.com \
--to=dyoung-h+wxahxf7alqt0dzr+alfa@public.gmane.org \
--cc=chaowang-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=harald-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=initramfs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=vgoyal-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox