Like upgrade, use feed_random right after mounting filesystems. This

is less than ideal.  We hope the kernel has good entropy already, because
this is a reinstall??  Or maybe the ftp server startup has run to completion?
Or if this is an autoinstall, that config has enough unique in it?  This
needs more work, but the existing late-entropy feed sequence is worse.
discussed at length with rpe, who tested it

diff --git a/distrib/miniroot/install.sh b/distrib/miniroot/install.sh
index c83cd9b..5c8b878 100644 (file)
--- a/distrib/miniroot/install.sh
+++ b/distrib/miniroot/install.sh
@@ -1,5 +1,5 @@
 #!/bin/ksh
-#      $OpenBSD: install.sh,v 1.239 2013/12/18 08:04:16 halex Exp $
+#      $OpenBSD: install.sh,v 1.240 2014/01/05 01:56:52 deraadt Exp $
 #      $NetBSD: install.sh,v 1.5.2.8 1996/08/27 18:15:05 gwr Exp $
 #
 # Copyright (c) 1997-2009 Todd Miller, Theo de Raadt, Ken Westerback
@@ -192,6 +192,8 @@ done >>/tmp/fstab
 munge_fstab
 mount_fs "-o async"
 
+feed_random
+
 install_sets
 
 # If we did not succeed at setting TZ yet, we try again
@@ -270,16 +272,6 @@ _f=dhclient.conf
        [[ -f $_f && -s $_f ]] && mv $_f /mnt/etc/.
 done)
 
-# Feed the random pool some junk before we read from it
-(dmesg; cat $SERVERLISTALL /*.conf; sysctl; route -n show; df;
-    ifconfig -A; hostname) >/mnt/dev/arandom 2>&1
-
-echo -n "done.\nGenerating initial host.random file..."
-dd if=/mnt/dev/arandom of=/mnt/var/db/host.random \
-       bs=65536 count=1 >/dev/null 2>&1
-chmod 600 /mnt/var/db/host.random >/dev/null 2>&1
-echo "done."
-
 apply
 
 if [[ -n $user ]]; then