> #   Pseudo Random Number Generator (PRNG):
> #   Configure one or more sources to seed the PRNG of the 
> #   SSL library. The seed data should be of good random quality.
>+#   WARNING! On some platforms /dev/random blocks if not enough entropy
>+#   is available. This means you then cannot use the /dev/random device
>+#   because it would lead to very long connection times (as long as
>+#   it requires to make more entropy available). But usually those
>+#   platforms additionally provide a /dev/urandom device which doesn't
>+#   block. So, if available, use this one instead. Read the mod_ssl User
>+#   Manual for more details.
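
Review bot: The added warning recommends /dev/urandom directly under the unchanged line "The seed data should be of good random quality" but never says whether /dev/urandom meets that requirement, so an administrator cannot tell if switching trades seed quality for speed. Add one sentence that states this explicitly. "Usually" and "if available" also leave the reader without a way to check their own platform; say how to confirm that the device exists and does not block. The clause "as long as it requires to make more entropy available" would read better as "until enough entropy becomes available". The pointer to the mod_ssl User Manual would also be more useful if it named the section or directive to look up.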

AH-HA!

I've been fighting miscellaneous pauses on my machine for a while now (RH 
6.1 i386). It would pause sometimes when I'd hit my webserver's frontpage 
(where among other things a random number gets generated), sometimes when 
I'd log in with SSH (where it grabs a random for its encryption, 
presumably), etc.

So I did a simple "more /dev/random", and it sat there pausing until I 
popped up a menu in Gnome. As I spaced down, it kept pausing until I 
generated activity. "more /dev/urandom" generated no such pauses.

Given that my machine is pausing all over the place (Apache, SSH, 
Sendmail, etc.), is there a way to generate entropy to prevent random 
from blocking? Having to change all that source code would be excessive 
and well beyond my skill.

Steve Freitas
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]
