Re: more random device badness in 2.6.18 :(

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Oct 10, 2006 at 08:08:32PM +0200, Paul Wouters wrote:

> Since hardware random is not transparently added to /dev/random's entropy,
> applications such as Openswan need to test for the availability of the
> seperate device file (not a good design imho). So Openswan will use
> /dev/hw_random if available.

Why should Openswan touch /dev/hw_random directly?

> Every call to /dev/hw_random gives that one (not very random!) line of output,
> and then nothing more ever. A call to /dev/random still works:

$ apt-cache show rng-tools
 [...]
 The rngd daemon acts as a bridge between a Hardware TRNG (true random number
 generator) such as the ones in some Intel/AMD/VIA chipsets, and the kernel's
 PRNG (pseudo-random number generator).
 .
 It tests the data received from the TRNG using the FIPS 140-2 (2002-10-10)
 tests to verify that it is indeed random, and feeds the random data to the
       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 kernel entropy pool.
 [...]

There is a good reason why /dev/hw_random is different from /dev/random...

Gabor

-- 
     ---------------------------------------------------------
     MTA SZTAKI Computer and Automation Research Institute
                Hungarian Academy of Sciences
     ---------------------------------------------------------

--
Fedora-xen mailing list
Fedora-xen@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-xen

[Index of Archives]     [Fedora General]     [Fedora Music]     [Linux Kernel]     [Fedora Desktop]     [Fedora Directory]     [PAM]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux