Is haveged still considered a reasonable way to gather entropy for the Linux RNG?
use getrandom() to read the entropy to be persisted (so you know it's guaranteed to be cryptographically random), then after reading it back on boot, bump the entropy counter by 128
-
-
Now if only we'd thought to put that in the default install 18 months ago...
-
If there's already packaged code to do that, we can recommend installing/enabling it, but implementing an entirely new service isn't really an option for a stable update
- 7 more replies
New conversation -
-
-
I guess the downside to that would be what happens when someone distributes an image of an installed system without realizing that they have to delete the entropy file...
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.