<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Aug 8, 2017 at 3:18 PM, Joshua Judson Rosen <span dir="ltr"><<a href="mailto:rozzin@hackerposse.com" target="_blank">rozzin@hackerposse.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div class="gmail-HOEnZb"><div class="gmail-h5">On 08/08/2017 02:52 PM, Ken D'Ambrosio wrote:<br>
> On 2017-08-08 14:43, Bill Freeman wrote:<br>>> As to why ruby is designed to require a random number before being<br>
>> asked to do something dependent on such a random number is a question<br>
>> for the ruby developers.<br></div></div></blockquote><div><br>I assume you meant not dependent.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div class="gmail-HOEnZb"><div class="gmail-h5">
><br>
> Email already sent. :-)<br>><br>
> C'est la vie. I guess that's the way the Ruby crumbles...<br></div></div></blockquote><div><br></div><div>That'd be a pretty bad design decision for some environments.</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div class="gmail-HOEnZb"><div class="gmail-h5"><br>
</div></div>Instead of rewriting the whole thing, why not just seed the RNG manually?<br>
<br>
Slightly relevant-looking discussion BTW:<br>
<br>
<a href="https://bugs.ruby-lang.org/issues/9569#note-56" rel="noreferrer" target="_blank">https://bugs.ruby-lang.org/<wbr>issues/9569#note-56</a><br>
<br></blockquote><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">So, there you go. "until the entropy pool is initialized" is apparently<br>
about 3 minutes in your case ;)<br>
<br>
You should be able to explicitly seed Ruby's internal RNG,<br>
or explicitly seed the system RNG by writing bytes into<br>
/dev/random or /dev/urandom.<br>
<br>
If you want `instant good entropy' at boot, you can even store<br>
some random data into a file at shutdown and then seed from that file<br>
at boot (be sure to invalidate that cache before seeding from it though,<br>
to ensure that you don't use the same seed twice!). IIRC there are<br>
some preexisting packages for this, and some distributions even do it by default.<br>
<br>
If you write a systemd service, it looks like you can depend on<br>
systemd-random-seed.service.<br></blockquote><div><br></div><div>The preseed might be a good 1st try at a fix that won't ruin the system RNG and potentially compromising security.</div><div><br></div><div>This reminds me of the old days when Slackware was created because SLS wouldn't fix permission issues correctly in the installer. </div></div></div></div>