On 2019/04/16 23:45, Cyril Brulebois wrote:
> I'm no cryptographer so I cannot judge haveged from that angle.

Ditto here, but...

> But from a /proc/sys/kernel/random/entropy_avail standpoint, starting
> the haveged daemon inside d-i, a couple of screens after the graphical
> installer start-up, I'm getting a bump from ~150 to ~2500.
>
> This needs to be polished before submitting the addition of haveged-udeb
> and of course proper integration needs to happen, with real tests… For
> wget, we're hitting #926315, but it was luckily closed a couple hours
> ago; arm devices that need so much time to generate a keypair should get
> a nice improvement…

Yeah, debian-live was unusable without haveged (as in, some sessions wouldn't start up for hours unless users pounded on the keyboard for a while). Some people quickly get hand-wavy about haveged, but it seems like the theory of how it works is reasonably solid, and I really tried to find evidence of it being harmful or not generating enough randomness in typical use cases but couldn't find anything, so we went ahead and included it in the live media and it seems to work for us there.

Debian's official documentation probably just needs a section explaining what haveged is and that if someone needs to create a mass amount of keys for commercial applications or such, then it's really recommended that they get a decent hardware RNG or use an external service to seed that.

-Jonathan
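The before/after comparison Cyril describes (reading /proc/sys/kernel/random/entropy_avail with and without haveged running) is easy to turn into a repeatable check. The script below is an added example, not code from this thread or from the haveged or debian-installer projects. It samples the counter a few times, reports the minimum and maximum, and flags readings under a threshold; the default threshold of 1000 bits and the ENTROPY_FILE override (used so the functions can be exercised against a constructed file) are assumptions of this example. One caveat for anyone reusing it today: the thread is from the 4.x-kernel era, and on kernels from 5.18 onward the counter saturates at 256 once the pool is initialized, so a "low" reading is only meaningful on the older kernels being discussed here.

```shell
#!/bin/sh
# Added example (not from the thread): sample the kernel's entropy_avail
# counter and report whether it stays above a threshold, automating the
# manual before/after comparison described in the message above.
# ENTROPY_FILE is an assumed override so the functions can be tested against
# a constructed file; the default is the real procfs path.
ENTROPY_FILE="${ENTROPY_FILE:-/proc/sys/kernel/random/entropy_avail}"

# read_entropy [FILE]: print the integer stored in FILE, or "unavailable"
# when the file cannot be read (non-Linux host, restricted /proc).
read_entropy() {
    f="${1:-$ENTROPY_FILE}"
    if [ -r "$f" ]; then
        tr -dc '0-9' < "$f"
    else
        printf 'unavailable'
    fi
}

# classify VALUE [THRESHOLD]: "low" if VALUE < THRESHOLD (default 1000 bits),
# "ok" otherwise; anything that is not a number passes through as "unavailable".
classify() {
    v="$1"; t="${2:-1000}"
    case "$v" in
        ''|*[!0-9]*) printf 'unavailable' ;;
        *) if [ "$v" -lt "$t" ]; then printf 'low'; else printf 'ok'; fi ;;
    esac
}

# sample_entropy COUNT INTERVAL [FILE]: take COUNT readings INTERVAL seconds
# apart and print "MIN MAX"; prints "unavailable" and returns 1 if any
# reading could not be taken.
sample_entropy() {
    n="$1"; interval="$2"; f="${3:-$ENTROPY_FILE}"
    min=""; max=""; i=0
    while [ "$i" -lt "$n" ]; do
        v="$(read_entropy "$f")"
        case "$v" in
            ''|*[!0-9]*) printf 'unavailable'; return 1 ;;
        esac
        if [ -z "$min" ] || [ "$v" -lt "$min" ]; then min="$v"; fi
        if [ -z "$max" ] || [ "$v" -gt "$max" ]; then max="$v"; fi
        i=$((i + 1))
        if [ "$i" -lt "$n" ]; then sleep "$interval"; fi
    done
    printf '%s %s' "$min" "$max"
}

# report COUNT INTERVAL [THRESHOLD]: human-readable summary of one sampling run.
report() {
    n="$1"; interval="$2"; t="${3:-1000}"
    if range="$(sample_entropy "$n" "$interval")"; then
        min="${range% *}"; max="${range#* }"
        printf 'entropy_avail over %s samples: min=%s max=%s (%s, threshold %s bits)\n' \
            "$n" "$min" "$max" "$(classify "$min" "$t")" "$t"
    else
        printf 'entropy_avail unavailable on this host\n'
    fi
}

# Usage: three readings one second apart, flagging anything under 1000 bits.
# Run it once before starting haveged and once after to reproduce the comparison.
report 3 1 1000
```

Run the script as an ordinary user; nothing here needs root, since entropy_avail is world-readable on Linux. A sustained "low" result on a headless or freshly booted machine is the symptom the thread is about, and it is the point at which a daemon like haveged, or better a hardware RNG, starts to matter.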