Mailinglist Archive: opensuse-factory (505 mails)
| < Previous | Next > |
Re: [opensuse-factory] haveged - now enabled by default?
- From: Olipro <olipro@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sun, 24 Jul 2011 18:34:05 +0100
- Message-id: <201107241834.05482.olipro@8.c.9.b.0.7.4.0.1.0.0.2.ip6.arpa>
On Sunday 24 Jul 2011 17:41:25 Cristian Rodríguez wrote:
Is this the mailing list for SuSE or random advertisements of RNG hardware?
(pun intended)
The issue wasn't really about grandstanding over what sort of entropy
gathering should or should not be in the kernel but rather the fact that as it
stands, openSUSE has a significant issue with the /dev/random device which
could be alleviated by enabling haveged by default at (preferably) runlevels 3
and 5.
I think what needs to be done is to make an objective evaluation of what sort
of footprint haveged has on a system when left enabled by default, and weigh
that cost up against the benefit of ensuring that programs using /dev/random
are not impacted - personally, I would say that classifying it as
"unnecessary" is disingenous and that having it enabled by default has
benefits far greater than the few Kb of memory it will consume.
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
El 24/07/11 10:19, Olipro escribió:
something that I think is just insane,
Yes, it is insane, point your guns to kernel developers ;)
This haveged daemon is an userspace workaround, that provides strong,
high quality entropy (passes all FIPS tests) but it is not a long term
solution.
If you want a permanent solution, get one of this
http://www.entropykey.co.uk/
Cheers.
Is this the mailing list for SuSE or random advertisements of RNG hardware?
(pun intended)
The issue wasn't really about grandstanding over what sort of entropy
gathering should or should not be in the kernel but rather the fact that as it
stands, openSUSE has a significant issue with the /dev/random device which
could be alleviated by enabling haveged by default at (preferably) runlevels 3
and 5.
I think what needs to be done is to make an objective evaluation of what sort
of footprint haveged has on a system when left enabled by default, and weigh
that cost up against the benefit of ensuring that programs using /dev/random
are not impacted - personally, I would say that classifying it as
"unnecessary" is disingenous and that having it enabled by default has
benefits far greater than the few Kb of memory it will consume.
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
| < Previous | Next > |