Web lists-archives.com

Re: FYI/RFC: early-rng-init-tools




On 2019-02-24 19:52:59 [+0000], Thorsten Glaser wrote:
> tl;dr: it adds entropy during initramfs/as early as possible during
> boot *and* tells the kernel it did so, to make its crng initialised,
> and ensures a subsequent boot has a different seed, also updated
> periodically and on shutdown for added entropy carry-over.

so I have one older box that suffers from that. I installed haveged and
seemed to went away:

[    1.600832] random: fast init done
[    2.417621] systemd[1]: systemd 240 running in system mode. (+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN -PCRE2 default-hierarchy=hybrid)
[    8.685406] random: crng init done

So what is the advantage over using haveged?
As far as I understand, it would reach the "init done" state before
systemd took over, right?

Sebastian