On Sun, 31 Oct 2010, Chris Pepper wrote: > But my /dev/random does seem quite low. Still surfing and looking for a > good way to fill it on a mostly headless server -- I haven't found a > good solution yet. http://www.entropykey.co.uk/ Very good hardware, first-class Linux support, and will fit on the internal USB ports of most 1U/2U servers and workstations (where it will be safe from physical accidents during server maintenance, and far more protected against tampering). I'm one of their happy customers (and not otherwise affiliated with them in any way). Just like I am a happy customer of fastmail.fm :-) That said, you should always use /dev/urandom unless you're generating long-term keys, even if you add one or more entropy keys. Otherwise, it gets easier to DoS the service. -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
