tech-kern archive


Re: cprng sysctl: WARNING pseudorandom rekeying.



On Sat, 10 Nov 2012, Robert Elz wrote:

>     Date:        Fri, 9 Nov 2012 19:34:05 -0500
>     From:        Thor Lancelot Simon <tls%panix.com@localhost>
>     Message-ID:  <20121110003405.GA4502%panix.com@localhost>
>
>   | No, the cprng named "kernel" is used _inside_ the kernel.
>
> It hadn't occurred to me before that that name is significant.

Me neither.

The first one I get is the "sysctl" one. It is produced during the
/etc/rc.d/sysdb script, probably by the dev_mkdb program (which uses cdb,
probably using arc4random which uses sysctl to load random data?)

Since I have not updated my boot.cfg but have random_seed=YES in the
/etc/defaults/rc.conf file, I guess the entropy file *is* being loaded,
but after it is required..

> When I get two messages after a boot (which looks like it might be
> every time), one of them says "kernel" (seems to be the later one)
> and the other (the one soonest after a boot) says "sysctl".

The second one I get is the "kernel" one, and this is produced during a
fetchmail run after I have logged in. I don't know why that would use
kernel entropy.. perhaps picking a random port number?  Also, that is
*after* the entropy file was loaded.. is that not enough for the kernel?

regards,
iain

