Others have responded as to why this is not so hot an idea.
It sounds like your trying to obtain more entropy than you really
need - I would have thought that the built in hardware RNG in
the newer Intel chips would do the job. Barring that, stick in one
of the various cryptographic coprocessor boards; this would allow
you not only to get real random numbers, it would speed up the
keygen stop substantially.
nCipher (partly owned by RSA :-) makes such boards. They work
with Linux.
Peter Trei
> ----------
> From: Rich Salz[SMTP:[EMAIL PROTECTED]]
> Sent: Wednesday, November 15, 2000 10:19 PM
> To: [EMAIL PROTECTED]
> Subject: Lots of random numbers
>
> I'm putting together a system that might need to generate thousands of RSA
> keypairs per day, using OpenSSL on a "handful" of Linux machines. What do
> folks think of the following: take one machine and dedicate it as an
> entropy
> source. After 'n' seconds turn the network card into promiscuous mode,
> scoop
> up packets and hash them, dump them into the entropy pool. Do this for 'm'
> seconds, then go back to sleep for awhile. The sleep and wake times are
> random numbers. Other systems on the newtwork periodically make an SSL
> connection to the entropy box, read bytes, and dump it into their
> /dev/random
> device.
>
> Is this a cute hack, pointless, or a good idea?
> /r$
>