[Ach] removed outdated info on Linux RNG / haveged
Kurt Roeckx
kurt at roeckx.be
Sun May 7 18:27:49 CEST 2017
On Sun, May 07, 2017 at 02:13:00PM +0200, Hanno Böck wrote:
> Hi Aaron,
>
> While I generally agree that using urandom is good advice, there is a
> serious problem that the Heninger paper points out: Early boot time
> entropy.

And the fix is really to make /dev/urandom block until it has
initial entropy.

> There used to be no easy fix, but now there is: The getrandom()
> function supports a mode that will block if the RNG hasn't been seeded
> yet, but will not block afterwards.

It has a GRND_RANDOM flag that doesn't make any sense.
glibc also provides getentropy(), which actually looks like a
better interface.

Kurt