Just an odd thought...
For routers, perhaps one could use random packets to provide the random
data for /dev/random?
Well, I told you it was an odd thought.
        - Jon


Charles Steinkuehler wrote:
> 
> > I'm running several Dachstein 1.02 boxes doing IPSEC. I've been using
> > shared secrets and wanted to go to 509 certs. I have been able to generate
> > one 2048 bit key but the other machines just sit trying to get 128 random
> > bytes from /dev/random. I let one sit for two days before killing the
> > process.
> >
> > Does anyone know what I'm doing wrong?
> 
> Your firewall boxes are not filling /dev/random with true random data
> (generated primarily from direct user input), and /dev/random will block
> until there is enough "true" randomness to fill a read request.
> 
> Either hook a keyboard to the box and start banging on the keys, or
> (preferred) generate the keys on a true workstation (i.e. used by a person so
> lots of random user seeding of /dev/random) and copy them over...
> 
> Charles Steinkuehler
> http://lrp.steinkuehler.net
> http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
> 
> _______________________________________________
> Leaf-user mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/leaf-user
