Predrag Ivanović wrote in <20190613011357.04ac80c9@deus>: |On Wed, 12 Jun 2019 21:52:58 +0200 |Steffen Nurpmeso wrote:
It seems this little program is a huge success. ^_^ |<snip> |>But likely only because i hit a key... I looked around and saw |>other people with the same problem using the haveged daemon, which |>is kind of strange as it can generate thousands of bits of hard |>randomness in a second.> |<snip> | |Would you explain what you mean by this? |I've been using haveged for years, without issues, afaict. I use it too on the server, in addition to the entropy server. I have to use mailman, and that somehow consumes randomness like grazy even in idle state, which is a big pity, as it can drive down all the other programs which sometimes use randomness. (Python people and mathematics ..., me thinks.) My provider does not feed in random into the VM, so i would be lost without it. This is especially a pity with the current OpenSSL which turns to blocking mode at least when its used the first time, until unlocked. (This is what caused the openssl-users thread one or two weeks ago; i think they might change that again.) Now i do not know whether multi-process servers reinit their OpenSSL state machine for each and every connection, or take the prepared one with the fork(2)ed child. Yeah, i mean, i shortly looked at haveged code last year and it does some things which should cause randomness; but of course the quality cannot be that high, if i compare that to all the things that go on in a system, with application I/O, logging, file system, network, and other interrupts, whatever, which counts for 3 bits or what per second here, and about one on the server (iirc), whereas that little "math from nowhere" produces a thousand bits or more in the same time. --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) _______________________________________________ crux-devel mailing list [email protected] https://lists.crux.nu/mailman/listinfo/crux-devel
