[149351] in cryptography@c2.net mail archive
Re: [Cryptography] request for consideration: VM guest entropy:
daemon@ATHENA.MIT.EDU (Theodore Ts'o)
Tue Feb 4 13:03:23 2014
X-Original-To: cryptography@metzdowd.com
Date: Tue, 4 Feb 2014 11:05:54 -0500
From: Theodore Ts'o <tytso@mit.edu>
To: John Denker <jsd@av8n.com>
In-Reply-To: <52F03E35.1060205@av8n.com>
X-SA-Exim-Mail-From: tytso@thunk.org
Cc: cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On Mon, Feb 03, 2014 at 06:11:17PM -0700, John Denker wrote:
>
> 2) Is somebody going to write an entropy-transfer daemon
> to move entropy from /dev/hwrng to /dev/random, and then
> make sure that all the distros incorporate this and enable
> it by default?
It already exists, and all/most distributions has had it for years.
It's called rngd.
Making it be the default is up to whoever is creating the base images
for various hosting providers. The bigger problem is that not all
cloud hosting providers are providing virtio-rng. But that code
exists today, so it's a matter of lobbying the hosting providers to
make it available. It appears Rackspace does support virtio-rng. As
others have mentioned Amazond doesn't appear to support virtio-rng.
- Ted
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
