On Tue, 30 Jun 2015 01:11:27 +0200 Timothy Murphy <gayleard@xxxxxxxxxx> wrote: > Thanks very much. > This gave me the info > Error reading from TPM, no entropy gathered > It seems that my Thinkpad T510 has a TPM chip, > which I probably could turn on in some way. > > However, for the moment I've just run > sudo systemctl disable rngd Thanks for reporting this. I had no idea it was happening. I'm using audio-entropyd to augment rngd, and it still is working, so I'm not cryptographically compromised. This is serious, because it's like leaving the door unlocked on your house, when every other house on the block has been burgled. I've been thinking about purchasing a usb entropy generator, perhaps this is the spur to actually do so. I think they feed directly into the entropy pool like audio-entropyd, bypassing rngd, but I'm not sure. There are lots of them. https://en.wikipedia.org/wiki/Comparison_of_hardware_random_number_generators I like this pure digital model, anyone have experience with it? http://kidekin.nimp.co.uk/trng/kidekin_trng_user_manual.html They all seem pretty pricey, except for http://kidekin.nimp.co.uk/trng/kidekin_trng_user_manual.html These can be purchased on Ebay for less than $10. They don't seem as robust to me. Has anyone used this as an RNG solution? -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
