init.d/urandom: increase saved entropy
My startup (whether on real hardware or my server VM) currently involves
long hangs of sshd, and warnings on uninitialized random reads by
dnsmasq.

When I look into init.d/urandom I see mysterious calculations which
result in 512 bytes being saved for restoring purposes, and I wonder why
this is so.

I would assume that the kernel passes data fed in to seed the PRNG
through (possibly even multiple) sophisticated algorithms, and uses
conservative guessing on the quality of bytes fed into urandom.

Hence my suggestion to increase the number of bytes saved in between
reboots, e.g., like so (untested):
save_seed()
{
	# default number of bytes to save if poolsize is not available
	local ibs=1024
	if [ -e /proc/sys/kernel/random/poolsize ]; then
		ibs=$(cat /proc/sys/kernel/random/poolsize)
	fi
	( # sub shell to prevent umask pollution
		umask 077
		dd if=/dev/urandom of="$urandom_seed" \
			ibs="$ibs" count=1 2>/dev/null
	)
}
(from redmine: issue id 9777, created on 2018-12-19, closed on 2019-01-08)
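
An added example, not part of the original issue or of the project's init script: a variant of the suggested save_seed() that validates the poolsize value, writes through a temporary file and checks the size before replacing the old seed. The function names, the `POOLSIZE_FILE` and `SEED_SOURCE` override variables and the 512 to 65536 byte clamp are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: checked variant of the save_seed() idea from the issue.
# POOLSIZE_FILE and SEED_SOURCE are hypothetical overrides used for testing.

# Print the number of bytes to save: the poolsize value as-is (as in the
# suggestion above), or 1024 if the file is missing or not a plain integer.
seed_bytes()
{
	local f="${POOLSIZE_FILE:-/proc/sys/kernel/random/poolsize}" n=""
	if [ -r "$f" ]; then n=$(cat "$f"); fi
	case "$n" in
		''|0*|*[!0-9]*) n=1024 ;;   # empty, zero/leading zero, non-digit
		??????*) n=65536 ;;         # 6+ digits: above the assumed cap
	esac
	# Assumed sane range, so a bogus value cannot yield a tiny or huge seed.
	if [ "$n" -lt 512 ]; then n=512; fi
	if [ "$n" -gt 65536 ]; then n=65536; fi
	echo "$n"
}

# Write the seed to a temp file next to the target, verify its size, then
# rename it into place so a short read never leaves a truncated seed file.
save_seed_checked()
{
	local seed="$1" n tmp got
	n=$(seed_bytes)
	tmp="$seed.tmp.$$"
	rm -f "$tmp"                    # never reuse a file with unknown mode
	( # sub shell to prevent umask pollution
		umask 077
		dd if="${SEED_SOURCE:-/dev/urandom}" of="$tmp" bs="$n" count=1 2>/dev/null
	) || { rm -f "$tmp"; return 1; }
	got=$(($(wc -c < "$tmp")))
	if [ "$got" -ne "$n" ]; then
		rm -f "$tmp"
		return 1
	fi
	mv -f "$tmp" "$seed"
}
```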