tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: rc.d/rndctl



On Wed, Sep 17, 2008 at 03:58:51PM -0400, Brian A. Seklecki wrote:
> All:
> 
> I was about to assemble a PR to submit an etc/rc.d/rndctl to enable
> various default sources at run time.  I wanted to get some community
> feedback on what are sound default RNG sources (net, disk, rng, etc.)

There *are* defaults, they're built into the kernel.  They used to be
sane -- have they been changed so that they no longer are?

Do not enable 'net' entropy estimation by default.  On a fileserver, you
don't want to estimate from 'disk' either -- it is too well correlated
with 'net'.

Thor


Home | Main Index | Thread Index | Old Index