<sect1 id="postlfs-config-random" xreflabel="random">
<?dbhtml filename="random.html" dir="postlfs"?>
<title>Random number generation</title>

<para>The Linux kernel supplies a random number generator which is accessed
through <filename class="devicefile">/dev/random</filename> and
<filename class="devicefile">/dev/urandom</filename>. Programs that utilize
the random and urandom devices, such as <application>OpenSSH</application>,
will benefit from these instructions.</para>

<para>When a Linux system starts up without much operator interaction, the
entropy pool (the data used to compute random numbers) may be in a fairly
predictable state. This creates a real possibility that the numbers generated
at startup will be the same on every boot. To counteract this effect,
carry the entropy pool information across shutdowns and start-ups. The
following init.d script and links will do this for you automatically.</para>

<screen><userinput><command>cat &gt; /etc/rc.d/init.d/random &lt;&lt; "EOF"
</command>
#!/bin/sh
# Begin $rc_base/init.d/random

# Based on sysklogd script from LFS-3.1 and earlier.
# Rewritten by Gerard Beekmans - gerard@linuxfromscratch.org
# Random script elements by Larry Lawrence

# "." is the POSIX spelling of "source"
. /etc/sysconfig/rc
. $rc_functions

case "$1" in
    start)
        echo "Initializing kernel random number generator..."
        # Mix the seed saved at the last shutdown into the pool
        if [ -f /var/tmp/random-seed ]; then
            cat /var/tmp/random-seed &gt;/dev/urandom
        fi
        # Replace the seed at once so the same one is not reused after a crash
        dd if=/dev/urandom of=/var/tmp/random-seed count=1 &gt;/dev/null 2&gt;&amp;1
        evaluate_retval
        ;;

    stop)
        echo "Saving random seed..."
        # count=1 with dd's default block size saves 512 bytes
        dd if=/dev/urandom of=/var/tmp/random-seed count=1 &gt;/dev/null 2&gt;&amp;1
        evaluate_retval
        ;;

    *)
        echo "Usage: $0 {start|stop}"
        exit 1
        ;;
esac

# End $rc_base/init.d/random
<command>EOF
chmod 755 /etc/rc.d/init.d/random</command></userinput></screen>

<para>Create the symbolic links to this file in the relevant
<filename class="directory">rc.d</filename> directories
with the following commands:</para>
<screen><userinput><command>cd /etc/rc.d/init.d &amp;&amp;
ln -sf ../init.d/random ../rc0.d/K45random &amp;&amp;
ln -sf ../init.d/random ../rc2.d/S25random &amp;&amp;
ln -sf ../init.d/random ../rc3.d/S25random &amp;&amp;
ln -sf ../init.d/random ../rc4.d/S25random &amp;&amp;
ln -sf ../init.d/random ../rc5.d/S25random &amp;&amp;
ln -sf ../init.d/random ../rc6.d/K45random</command></userinput></screen>
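<para>An added example, not part of the BLFS script: because
<filename class="directory">/var/tmp</filename> is world-writable, these
helper functions load a seed only if it is a regular file with mode 600 owned
by the user running the script (root at boot), and save a new seed by rename
so that a pre-existing symbolic link is replaced instead of followed. The
function names, the optional sink and source parameters, and the reliance on
GNU <command>stat -c</command> and <command>mv -T</command> are assumptions of
this example.</para>

```shell
#!/bin/sh
# Added example, not the BLFS script: seed handling that tolerates a
# world-writable parent directory such as /var/tmp.
# Assumed names: seed_is_trusted, load_seed, save_seed, SEED_BYTES.

SEED_BYTES=512   # same size as the page's "dd count=1" (one 512-byte block)

# A seed is trusted only if it is a regular file (not a symlink), owned by
# the user running the script (root at boot), with mode 600.
seed_is_trusted() {
    [ -f "$1" ] && [ ! -L "$1" ] && [ -O "$1" ] &&
        [ "$(stat -c %a "$1")" = "600" ]   # stat -c: GNU coreutils
}

# Mix a trusted seed into the pool. $2 is the sink, /dev/urandom by default;
# it is a parameter only so the function can be exercised without the device.
load_seed() {
    seed_is_trusted "$1" || return 1
    cat "$1" > "${2:-/dev/urandom}"
}

# Write a fresh seed next to the target and rename it into place, so a
# symlink at the target path is replaced rather than followed and a reader
# never sees a partial file. $2 is the source, /dev/urandom by default.
save_seed() {
    dir=$(dirname "$1") || return 1
    old_umask=$(umask)
    umask 077
    tmp=$(mktemp "$dir/.random-seed.XXXXXX") || { umask "$old_umask"; return 1; }
    if dd if="${2:-/dev/urandom}" of="$tmp" bs="$SEED_BYTES" count=1 2>/dev/null &&
        chmod 600 "$tmp" && mv -f -T "$tmp" "$1"; then   # mv -T: GNU coreutils
        status=0
    else
        rm -f "$tmp"
        status=1
    fi
    umask "$old_umask"
    return "$status"
}
```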

</sect1>