mirror of
https://github.com/GrapheneOS/infrastructure.git
synced 2024-12-22 13:45:02 -05:00
replace urandom with random
These both use the same CSPRNG on modern kernels, but random waits for CSPRNG initialization instead of only attempting to initialize it.
This commit is contained in:
parent
ce1fef8c0e
commit
750cd5e985
@ -50,7 +50,7 @@ rm ssh/sshd_config.tmp
|
|||||||
ssh $remote "arch-chroot /mnt systemctl enable chronyd.service fstrim.timer logrotate.timer plocate-updatedb.timer systemd-networkd.service sshd.service unbound.service"
|
ssh $remote "arch-chroot /mnt systemctl enable chronyd.service fstrim.timer logrotate.timer plocate-updatedb.timer systemd-networkd.service sshd.service unbound.service"
|
||||||
ssh $remote "arch-chroot /mnt systemctl disable remote-fs.target systemd-network-generator.service"
|
ssh $remote "arch-chroot /mnt systemctl disable remote-fs.target systemd-network-generator.service"
|
||||||
|
|
||||||
ssh $remote "dd if=/dev/urandom of=/mnt/swapfile bs=1M count=$swap status=progress"
|
ssh $remote "dd if=/dev/random of=/mnt/swapfile bs=1M count=$swap status=progress"
|
||||||
|
|
||||||
password=$(head -c32 <(tr -dc A-Za-z0-9 </dev/random))
|
password=$(head -c32 <(tr -dc A-Za-z0-9 </dev/random))
|
||||||
echo password: $password
|
echo password: $password
|
||||||
|
@ -9,7 +9,7 @@ cd /etc/nginx/session-ticket-keys
|
|||||||
rsync -I 2.key 1.key
|
rsync -I 2.key 1.key
|
||||||
rsync -I 3.key 2.key
|
rsync -I 3.key 2.key
|
||||||
rsync -I 4.key 3.key
|
rsync -I 4.key 3.key
|
||||||
head -c 80 </dev/urandom >new.key
|
head -c 80 </dev/random >new.key
|
||||||
rsync -I new.key 4.key
|
rsync -I new.key 4.key
|
||||||
rm new.key
|
rm new.key
|
||||||
nginx -s reload
|
nginx -s reload
|
||||||
|
Loading…
Reference in New Issue
Block a user