[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Xen nuisance messages
On 2/24/2012 6:08 AM, Manuel Bouyer wrote:
On Thu, Feb 23, 2012 at 10:37:28PM -0500, David Howland wrote:
Does a Xen machine have any way to generate entropy?
Not a strong one. The only sources of entropy are xbd and xennet which are
disabled by default (because they're probably not very good) but can
be enabled with rndctl.
AFAIK no interface has been designed to get some entropy from dom0.
That's very interesting, and similar to what I expected to hear. This
seems like a problem for a person or company that has virtualized their
servers. A quick Google search reveals that Linux had this problem too,
although I didn't find if they did something to solve it. It also
turned this up [https://lkml.org/lkml/2006/5/12/103], which describes
why entropy collection is disabled by default. I will enable collection
on xbd and xennet because I'm not worried about that kind of attack vector.
Main Index |
Thread Index |