On Wed, Sep 11, 2013 at 12:25:48PM -0700, H. Peter Anvin wrote:
> This of course has been a long-running debate. Similarly, we could
> make much better use of RDRAND if instead of doing data reduction in
> rngd we could feed it to the pool and just credit fractional bits.
> The FIPS tests that rngd runs are weak and obsoleted, but perhaps
> better than nothing (now when we don't shut down rngd due to false
> positives.)
/dev/urandom is using RDRAND already, and that's what most of the
applications which are generating ssh host keys, session keys, etc., are
using. /dev/random is using RDRAND as well, but we're not giving any
entropy credit, so it will take longer to get the necessary randomness to
generate a GPG key.

The reason why it would be good to use the TPM to fetch randomness is (a)
for pre-RDRAND-capable x86 systems, and (b) for non-x86 platforms that
might be using a TPM but don't have an RDRAND function. Also, in general,
it's better to use as many entropy sources as possible.

Cheers,

- Ted
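The two things the thread argues about, the FIPS sanity tests rngd runs and feeding a hardware source into the pool with entropy credit, both go through one kernel interface, RNDADDENTROPY on /dev/random. The program below is an added example written for this page; it is not code from the thread, from rng-tools or from the kernel. It takes a 20000-bit block from a source (the default path /dev/hwrng and the half-bit-per-byte credit are assumptions chosen for illustration), runs the FIPS 140-2 monobit test on it, and, if the block passes, mixes it into the pool via RNDADDENTROPY with an explicit entropy credit. The function names are this example's own. It needs Linux headers and, for the ioctl itself, CAP_SYS_ADMIN.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/ioctl.h>
#include <linux/random.h>   /* struct rand_pool_info and RNDADDENTROPY (Linux-only) */

/* Added example, not code from the thread, rng-tools or the kernel: the path
 * an rngd-style daemon takes when it feeds a hardware source (TPM, RDRAND,
 * /dev/hwrng) into the kernel pool *with* entropy credit. */

#define FIPS_BLOCK_BYTES 2500   /* FIPS 140-2 statistical tests use 20000-bit blocks */

/* FIPS 140-2 monobit test on one 20000-bit block: pass iff 9725 < ones < 10275.
 * This is the kind of weak check the thread refers to: it catches a source
 * that is stuck or grossly biased, not one that is merely predictable. */
int fips_monobit(const uint8_t *block)
{
    int ones = 0;
    for (size_t i = 0; i < FIPS_BLOCK_BYTES; i++) {
        uint8_t b = block[i];
        while (b) { ones += b & 1; b >>= 1; }
    }
    return ones > 9725 && ones < 10275;
}

/* Build the RNDADDENTROPY payload. bits_per_byte is the operator's estimate of
 * the entropy in each source byte (0..8); the kernel is credited
 * floor(len * bits_per_byte) bits, since the ioctl only takes whole bits.
 * Returns a heap-allocated struct the caller must free, or NULL on bad input. */
struct rand_pool_info *build_pool_info(const uint8_t *data, size_t len,
                                       double bits_per_byte)
{
    if (len == 0 || len > 4096 || bits_per_byte < 0.0 || bits_per_byte > 8.0)
        return NULL;
    size_t words = (len + 3) / 4;               /* buf[] is an array of __u32 */
    struct rand_pool_info *rpi = calloc(1, sizeof *rpi + words * sizeof(uint32_t));
    if (rpi == NULL)
        return NULL;
    rpi->buf_size = (int)len;                   /* number of data bytes that follow */
    rpi->entropy_count = (int)(len * bits_per_byte);
    memcpy(rpi->buf, data, len);
    return rpi;
}

/* Mix len bytes into the pool and credit them. Requires CAP_SYS_ADMIN;
 * returns 0 on success, -1 with errno set (EPERM when unprivileged). */
int add_entropy(int random_fd, const uint8_t *data, size_t len, double bits_per_byte)
{
    struct rand_pool_info *rpi = build_pool_info(data, len, bits_per_byte);
    if (rpi == NULL) {
        errno = EINVAL;
        return -1;
    }
    int rc = ioctl(random_fd, RNDADDENTROPY, rpi);
    free(rpi);
    return rc;
}

int main(int argc, char **argv)
{
    const char *src = argc > 1 ? argv[1] : "/dev/hwrng";  /* assumed default source */
    uint8_t block[FIPS_BLOCK_BYTES];
    int in = open(src, O_RDONLY);
    if (in < 0) { perror(src); return 1; }
    ssize_t n = read(in, block, sizeof block);
    close(in);
    if (n != (ssize_t)sizeof block) { fprintf(stderr, "short read from %s\n", src); return 1; }

    if (!fips_monobit(block)) {
        fprintf(stderr, "monobit test failed; discarding block\n");
        return 1;
    }
    int rnd = open("/dev/random", O_WRONLY);
    if (rnd < 0) { perror("/dev/random"); return 1; }
    /* Conservative credit: half a bit of entropy per source byte. */
    int rc = add_entropy(rnd, block, sizeof block, 0.5);
    close(rnd);
    if (rc < 0) { perror("RNDADDENTROPY"); return 1; }
    printf("credited %d bits from %zu bytes\n", (int)(sizeof block * 0.5), sizeof block);
    return 0;
}
```

The credit is the only part the kernel cannot check for you: a source that passes the monobit test can still be fully predictable, so the number of bits credited should come from an assessment of the source, not from the test result.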