Subject: Re: /dev/random without random sources blocking forever?
To: None <firstname.lastname@example.org>
From: Alan Barrett <email@example.com>
Date: 08/22/2006 12:22:19

On Tue, 22 Aug 2006, Daniel Carosone wrote:
> > Userland can't add entropy sources
> Yes, it can.

Also, if entropy is collected from disk devices but there's no disk
I/O, userland can simply perform some disk I/O. For example, my
/etc/rc.d/cgd kicks off a background dd process with the intent of
gathering some entropy to feed into the random key that's used to
encrypt the swap partition.

> Perhaps we should enable network sources by default if no others are
> available, or just by default always.

Some people seem to think that's harmful, and I can see their point
against setting the "estimate" flag for network devices, but I don't see
the harm in setting network devices to "collect, no estimate". However,
a device marked "no estimate" will never allow /dev/random to unblock.
--apb (Alan Barrett)
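
A simplified model of the "collect" and "estimate" flags discussed in the message above, added here as an illustration; it is not code from the message or from any kernel's implementation. The class names, device names and hash-based mixing are assumptions chosen to show why a "collect, no estimate" source changes the pool contents but never unblocks a /dev/random reader.

```python
import hashlib

class Source:
    """Entropy source carrying the two per-device flags (names are hypothetical)."""
    def __init__(self, name, collect, estimate):
        self.name, self.collect, self.estimate = name, collect, estimate

class Pool:
    """Toy pool: mixes every collected sample, credits bits only if 'estimate' is set."""
    def __init__(self):
        self.state = b"\0" * 32
        self.credited_bits = 0

    def add(self, source, sample, claimed_bits):
        if not source.collect:
            return                                   # sample is dropped entirely
        self.state = hashlib.sha256(self.state + sample).digest()
        if source.estimate:
            self.credited_bits += claimed_bits       # only here does the counter move

    def read_blocking(self, nbytes):
        """Model of a /dev/random read; None means the reader would block."""
        need = nbytes * 8
        if self.credited_bits < need:
            return None
        self.credited_bits -= need
        out = hashlib.sha256(b"out" + self.state).digest()[:nbytes]
        self.state = hashlib.sha256(b"next" + self.state).digest()
        return out

def demo():
    net = Source("net0", collect=True, estimate=False)    # "collect, no estimate"
    disk = Source("disk0", collect=True, estimate=True)
    pool = Pool()
    before = pool.state
    for i in range(1000):                                  # constructed sample data
        pool.add(net, b"pkt-%d" % i, claimed_bits=1)
    mixed = pool.state != before                           # pool contents did change
    blocked = pool.read_blocking(16) is None               # but the reader still blocks
    for i in range(128):                                   # e.g. userland-driven disk I/O
        pool.add(disk, b"io-%d" % i, claimed_bits=1)
    key = pool.read_blocking(16)                           # now 128 bits are credited
    return mixed, blocked, key

if __name__ == "__main__":
    print(demo())
```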