On Fri, 14 Dec 2018 15:13:08 -0800 Xilin Sun <s.sn.gira...@gmail.com> wrote: > On Fri, 14 Dec 2018 11:04:40 +0100 Yves-Alexis Perez <cor...@debian.org> > wrote: > > I don't have good solutions right now. With 4.19 and if your CPU has an RNG > > you're willing to trust, you'll be able to pass random.trust_cpu=yes to the > > kernel command line, which should help seeding the RNG. > > Just took at look at the /boot/config-4.19.0-trunk-amd64 file from > Debian, and saw this: > > # CONFIG_RANDOM_TRUST_CPU is not set > > It seems that you have to compile your own kernel to enable > random.trust_cpu to try this option at this time. Just read the message on the patch by Ted Ts'o: https://lkml.org/lkml/2018/7/17/1279
It seems Debian will never ever enable this option by default. Unless you compile your own kernel, rng-tools5 or haveged is the solution to such bugs.
