Re: [openssl-users] [openssl-dev] Do you use EGD or PRNGD?

2015-06-01 Thread Richard Levitte
In message <48ce1b94ef3648d990a5e253a8992...@ustx2ex-dag1mb2.msg.corp.akamai.com> on Mon, 1 Jun 2015 18:33:01 +, "Salz, Rich"  said:

rsalz> > While HP NonStop is not officially supported, I have been helping to maintain
rsalz> > a fork for the platform since December and are current through 1.0.2a. We
rsalz> > do use prngd. I am looking for ways to get back on the official platform list,
rsalz> > looking for alternatives to prngd for that platform, and trying to get vendor
rsalz> > buy-in in this area.
rsalz> 
rsalz> Thanks for the info.
rsalz> 
rsalz> One possibility is to have a separate program use prngd and write it to a
rsalz> RANDFILE that openssl uses.  Probably servers are the most important users, and
rsalz> you could/should have one file per server ...

I'd like to remind people of the possibility to make an engine module.

Cheers,
Richard

-- 
Richard Levitte rich...@levitte.org
http://richard.levitte.org/

"Life is a tremendous celebration - and I'm invited!"
-- from a friend's blog, translated from Swedish
___
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


Re: [openssl-users] [openssl-dev] Do you use EGD or PRNGD?

2015-06-01 Thread Jeffrey Walton
On Mon, Jun 1, 2015 at 10:03 AM, Salz, Rich  wrote:
> We are thinking of removing support for EGD (entropy-gathering daemon) in
> the next release.  None of our supported platforms have needed it for some
> time.  If this will cause an issue for you, please reply soon.
>
Rich... At the cost of being argumentative, why is there no need for it?

I had to install an entropy gatherer on Debian desktop because reads to
/dev/random would fail on occasion when the device was opened
O_NONBLOCK. I was not hitting it hard - I was just trying to grab a 32
byte one-time seed to seed an in-app generator. It was really
surprising to see Debian's RNG could only supply 7 bytes or so. I was
amazed it happened out of the box in 2014.

After that, I switched to alternate methods to grab any entropy I
could get my hands on, including things like EGD, HAVEGED and even
sensor readings on mobile devices (if they are available).

Jeff
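
The failure mode described in the message above (a read from /dev/random opened O_NONBLOCK returning fewer bytes than requested), as an added C example that is not part of the original post and not OpenSSL code. The helper names `open_seed_source` and `read_seed` are hypothetical; the loop treats a short read or EAGAIN as partial progress, so the caller can refuse to seed with fewer than the 32 bytes it asked for.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <stddef.h>
#include <unistd.h>

/* Hypothetical helper: open an entropy device without blocking on open/read. */
int open_seed_source(const char *path)
{
    return open(path, O_RDONLY | O_NONBLOCK);
}

/* Hypothetical helper: collect up to `len` bytes from a non-blocking fd.
 * A short read or EAGAIN means "not enough yet", not failure, so wait up
 * to timeout_ms per attempt for more data. Returns the number of bytes
 * stored (less than len on timeout or EOF), or -1 on a real I/O error. */
ssize_t read_seed(int fd, unsigned char *buf, size_t len, int timeout_ms)
{
    size_t got = 0;

    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n > 0) {
            got += (size_t)n;          /* short read: keep what arrived */
            continue;
        }
        if (n == 0)
            break;                     /* EOF: source is gone */
        if (errno == EINTR)
            continue;                  /* interrupted: retry at once */
        if (errno != EAGAIN && errno != EWOULDBLOCK)
            return -1;                 /* genuine error */

        /* Nothing available right now: wait for readability or give up. */
        struct pollfd p = { .fd = fd, .events = POLLIN };
        int r = poll(&p, 1, timeout_ms);
        if (r == 0)
            break;                     /* timed out: caller sees got < len */
        if (r < 0 && errno != EINTR)
            return -1;
    }
    return (ssize_t)got;
}
```

A caller that needs a 32-byte seed should treat any return value other than 32 as "do not seed yet" rather than using the partial buffer.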


Re: [openssl-users] [openssl-dev] Do you use EGD or PRNGD?

2015-06-01 Thread Salz, Rich
> While HP NonStop is not officially supported, I have been helping to maintain
> a fork for the platform since December and are current through 1.0.2a. We
> do use prngd. I am looking for ways to get back on the official platform list,
> looking for alternatives to prngd for that platform, and trying to get vendor
> buy-in in this area.

Thanks for the info.

One possibility is to have a separate program use prngd and write it to a 
RANDFILE that openssl uses.  Probably servers are the most important users, and 
you could/should have one file per server ...