Have tftpd provide a block of random data when clients request the file

/etc/random.seed.

This allows netbooted systems to inject entropy early in the kernel start.
pxeboot requests it already, so no configuration or change is needed on
the client side.

ok deraadt@ beck@

1 files changed, 11 insertions, 2 deletions

diff --git a/usr.sbin/tftpd/tftpd.8 b/usr.sbin/tftpd/tftpd.8
index c42d0683c0e..2e8f89cb5cf 100644
--- a/usr.sbin/tftpd/tftpd.8
+++ b/usr.sbin/tftpd/tftpd.8
@@ -1,4 +1,4 @@
-.\"   $OpenBSD: tftpd.8,v 1.4 2012/03/04 07:26:51 jmc Exp $
+.\"   $OpenBSD: tftpd.8,v 1.5 2015/07/18 05:32:56 mcbride Exp $
 .\"
 .\" Copyright (c) 1983, 1991 The Regents of the University of California.
 .\" All rights reserved.
@@ -29,7 +29,7 @@
 .\"
 .\"	from: @(#)tftpd.8	6.7 (Berkeley) 5/13/91
 .\"
-.Dd $Mdocdate: March 4 2012 $
+.Dd $Mdocdate: July 18 2015 $
 .Dt TFTPD 8
 .Os
 .Sh NAME
@@ -70,6 +70,15 @@ The server must be started as root, but will chroot to the
 .Ar directory
 specified on the command line and drop privileges to the _tftpd user.
 .Pp
+.Nm tftpd
+always provides random data at the path
+.Pa /etc/random.seed ,
+and therefore this path will be ignored inside the
+.Ar directory .
+.Ox
+network bootloaders access this path to harvest entropy during
+kernel load.
+.Pp
 The options are as follows:
 .Bl -tag -width Ds
 .It Fl 4