openssh usually depends on /dev/urandom to seeding PRNG (pseudo-random number
generator). To ensure there's sufficient entropy just feed /dev/urandom with
saved /var/lib/random-seed which is saved in installing phase.
Signed-off-by: Dave Young <dyoung@xxxxxxxxxx>
---
modules.d/95ssh-client/module-setup.sh | 2 ++
modules.d/95ssh-client/random-seeding.sh | 7 +++++++
2 files changed, 9 insertions(+)
--- dracut.orig/modules.d/95ssh-client/module-setup.sh
+++ dracut/modules.d/95ssh-client/module-setup.sh
@@ -48,6 +48,8 @@ inst_sshenv()
install() {
dracut_install ssh scp
+ dracut_install /var/lib/random-seed
+ inst_hook cmdline 01 "$moddir/random-seeding.sh"
inst_sshenv
}
--- /dev/null
+++ dracut/modules.d/95ssh-client/random-seeding.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
+# ex: ts=8 sw=4 sts=4 et filetype=sh
+
+if [ -f /var/lib/random-seed ]; then
+ cat /var/lib/random-seed > /dev/urandom 2>/dev/null
+fi
--
To unsubscribe from this list: send the line "unsubscribe initramfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
