Rob Davies wrote:
On 27 July 2011 14:02, Per Jessen
wrote: Rob Davies wrote:
Presumably such would be widely available thanks to integrated audio, even on diskless installs.
Perhaps except on servers - none of mine have on-board sound.
Ok, so are your servers entropy starved or are there sufficient interrupts in practice?
Probably no and very probably yes. I wasn't trying to argue either way, just thought I'd mention it.
Would USB key type hardware be practical? Presumably your server boards are not budget models and operate in a controlled secure environment.
Yup.
Do you have (assuming you see entropy starvation and hardware solution impractical) objections to running haveged, making it poor choice?
To me (albeit with very limited understanding of the issues involved here), running haveged by default sounds like a perfectly good idea. If I needed a higher quality random source, hardware would likely be my choice.
The Fate entry I was thinking of mentioned networked diskless installations, which might need fair amount of entropy but receive less as network card contributed entropy has issues and they may have unused audio input. The timing unpredictability approach, appeared simpler to deploy, because it did not require hardware, yet seems less trusted as "real" hardware interrupts. I wondered if the audio based daemon might have a niche.
It sounds like an idea worth exploring. One thing I've been wondering about (whilst reading this thread) - in which kind of environment does the problem occur? (assuming problem = low entropy, high demand) -- Per Jessen, Zürich (20.4°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org