[openssl-users] [openssl-dev] Do you use EGD or PRNGD?
Jeffrey Walton
noloader at gmail.com
Mon Jun 1 15:40:07 UTC 2015
On Mon, Jun 1, 2015 at 10:03 AM, Salz, Rich <rsalz at akamai.com> wrote:
> We are thinking of removing support for EGD (entropy-gathering daemon) in
> the next release. None of our supported platforms have needed it for some
> time. If this will cause an issue for you, please reply soon.
>
Rich... At the cost of being argumentative, why is there no need for it?
I had to install an entropy gather on Debian desktop because reads to
/dev/random would fail on occasion when the device was opened
O_NONBLOCK. I was not hitting it hard - I was just trying to grab a 32
byte one-time seed to seed an in-app generator. It was really
surprising to see Debian's RNG could only supply 7 bytes or so. I was
amazed it happened out of the box in 2014.
After that, I switched to alternate methods to grab any entropy I
could get my hands on, including things like EGD, HAVEGED and even
sensor readings on mobile devices (if they are available).
Jeff
More information about the openssl-users
mailing list