as a one-shot at boot without more complex kernel work, and also includes some serial numbers/guids which may add a little more entropy e.g. for systems where /etc/random.seed may be known (e.g. cloned disk images). "why not" deraadt@
sthen