Friends don't let friends generate insecure keys. Headless raspi setups generate ssh keys on first boot with relatively little entropy.

Don't forget to `dd if=/dev/random of=$raspi_root_mountpoint/var/lib/systemd/random-seed bs=1 count=512` before the first boot.

Does that dd command dump the current entropy pool into an entropy seed file?
If so, there are serious concerns wrt that (in general, maybe not for a 1-time thing).
See also my thread starting at


@FreePietje @kekcoin thanks that kind of things definitely need more research

Sign in to participate in the conversation
Bitcoin Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!