Is there a way to get to pass entropy to a fresh droplet at startup? My project ends up blocking for a full minute waiting for entropy
Conversation
Switch to a recent Linux kernel. 5.10 LTS branch shouldn't have these issues.
/dev/random and getrandom GRND_RANDOM no longer have cargo cult throttling but rather only block for initialization.
Kernel also forces jitter-based entropy generation if needed instead of waiting.
1
3
They use a proper CSPRNG for everything nowadays and finally fully abandoned the misguided concept of entropy being drained through generating random data.
It keeps adding fresh entropy but they completely got rid of the nonsense concept of generating random data depleting it.
1
1
Replying to
oh yay! this would mean i have to find a new base image though since Rancher OS is on 4.14.138
1
Replying to
Fedora CoreOS is a modern replacement. RancherOS is dead which is probably why it's so out-of-date: github.com/rancher/os#dev.
Latest 4.14 LTS is 4.14.255 but I don't think they backported these CSPRNG improvements to kernels earlier than around 5.4.
Replying to
I was really only using rancher since it’s one of the DigitalOcean default options, I’ll try out CoreOS and see how it works for me, thanks