/dev/random and entropy pool
Michael E Brown
michael_e_brown at dell.com
Mon Apr 1 17:23:01 CST 2002
Intel i810 driver would be nice, but... we don't have i810 chipsets in any
of our servers :-(
If you are into running your own compiled kernels, there is a patch
for net devices to contribute their IRQ randomness to the pool.
http://www.tech9.net/rml/linux/ (about halfway down.)
Another useful link: http://www.cs.berkeley.edu/~daw/rnd/
There is also audio-entropyd, which takes random noise from a floating
microphone input and contributes that to the pool, but again, our servers
don't have sound :-(
Probably your best bet is the Broadcom 5820 card. You have to flip a bit
in the config to tell it to put stuff in the random pool, though.
On Mon, 1 Apr 2002, Jeremy Stoltz wrote:
> Guess I was wrong. They are using /dev/urandom because of the blocking
> issues. Any recommendations which userspace daemons or the i8x0 Random
> Number Generator which work well?
> ----- Original Message -----
> From: Michael_E_Brown at dell.com <mailto:Michael_E_Brown at dell.com>
> To: jstoltz at oz.net <mailto:jstoltz at oz.net> ; Linux-PowerEdge at dell.com
> <mailto:Linux-PowerEdge at dell.com>
> Sent: Monday, April 01, 2002 6:43 AM
> Subject: RE: /dev/random and entropy pool
> This depends on if you are having slowdowns related to not having
> entropy. Do processes using random numbers use /dev/random or
> /dev/urandom? If they use the former, do they ever block for long
> periods of time? If you don't see any of this behaviour, then there is
> probably little reason to change.
> There are several userspace daemons available that can take sources of
> randomness and add them to the pool. Dell sells the Broadcom 5820 SSL
> accelerator, and it has a hardware random-number generator that you can
> enable if you need it.
> -----Original Message-----
> From: Jeremy Stoltz [mailto:jstoltz at oz.net]
> Sent: Monday, April 01, 2002 12:39 AM
> To: Linux-PowerEdge at exchange.dell.com
> Subject: /dev/random and entropy pool
> We are using some Dell 1550's as application and web servers. The
> application is using encryption similar to an SSL web server. These
> servers are headless with very little disk activity. Is it necessary to
> use Intel's i8x0 Random Number Generator or other kernel modules to add
> more devices to add to the entropy pool?
Michael E. Brown, RHCE, MCSE+I, CNA
Dell Linux Solutions
If each of us have one object, and we exchange them,
then each of us still has one object.
If each of us have one idea, and we exchange them,
then each of us now has two ideas.
More information about the Linux-PowerEdge