I wrote:
>> How do I use a hardware random number generator to
>> continuously seed /dev/random with new truly random numbers?

--- Theo de Raadt wrote:
> We consider these devices boring, because the kernel does a good enough job
> creating random.
> Randomness only has a bootstrap problem.  And these devices don't solve the
> bootstrap problem.

I'm thinking of headless servers, where randomness can ONLY come
from the network.  There is no keyboard, no mouse, etc.

I'm also thinking of first boot after install, when keys are generated.
I think that is what you mean by the bootstrap problem.

Thanks,
Ken

PS  I'm also thinking of very old hardware, without RDRAND in the CPU.
    Not to mention that you can't necessarily trust RDRAND!



  
