yeah, we've seen those. the problem is that we intentionally try to stick with the distrib
kernel so we don't end up recompiling kernels every time there's a new security patch...
the alternatives are to compile our own cyrus with the magic flag telling it to use
/dev/urandom (same problem as above, plus we'd have to recompile apache, openvpn, ...), or
hack on udev to make it create a /dev/random which is actually /dev/urandom... couldn't
convince udev to do that reliably though.
rngd seems to do the trick as a userspace workaround. its main purpose is supposed to be
pulling entropy from hardware addons, but it seems to be pretty common to use it the way we do
too.
Posted Dec 14, 2007 20:18 UTC (Fri) by nix (subscriber, #2304)
KERNEL=="urandom", NAME="random"
(or SYMLINK, if you prefer)
should do the trick, I'd expect.
On entropy and randomness
Posted Dec 14, 2007 21:34 UTC (Fri) by adamgundy (subscriber, #5418)
pretty sure we tried something like that.. sometimes it would work, sometimes not (timing?)
I forget exactly the issue with udev, we just couldn't convince it to do what we wanted and
rngd worked out of the box.