Hi all -
I just removed the network device entropy-generating patches from the kernel repo. They had to be explicitly enabled for use and were consistently refused for upstream acceptance. With no better hardware entropy source, they kept the pool full but are prone to third-party manipulation via packet flooding.
I noticed that since 11.4, we have installed haveged by default. Might it be a good idea to enable it by default as well? Perhaps someone with more experience with it can chime in, but it looks like it stays dormant until the entropy pool drops too low so there's not a lot of overhead.
-Jeff

--
Jeff Mahoney
SUSE Labs