Re: /dev/random in 2.4.6

Alex Bligh - linux-kernel (linux-kernel@alex.org.uk)
Thu, 16 Aug 2001 20:35:12 +0100


> Hmm, since it IS critical that the ssh and VPN keys of a new system be
> very good, you could do something like run "bonnie++" on one of the new
> partitions, until you get enough entropy from block I/O completions.
...
> That said, there are still cases where network traffic _has_ to be enough
> for /dev/random, given that some firewalls (e.g. LRP) can run from only
> ramdisk, so have no other source of entropy than the network traffic.

It's a while since I looked, but I /thought/ entropy only came from
IDE (not for instance from SCSI, and certainly not when everything
is sitting in cache). I have a reasonably active mailserver (SCSI,
no k/b, no mouse, lots of RAM) which doesn't have enough entropy
to cope with SSL/TLS gracefully without relying on the network
traffic (i.e. behaves like it is ramdisk only).

--
Alex Bligh
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/