On Mo, 22.04.19 08:35, Robert Marcano (robert(a)marcanoonline.com) wrote:
> What's the story anyway for rngd? Why would userspace be
better at
> providing entropy to the kernel than the kernel itself? Why do we
> enable it on desktops at all, such systems should not be
> entropy-starved.
Non developers, true. Developer's workstations, wrong. Just signing a few
packages (java's jarsigner) to test your code runs fine under those
conditions can drop to near zero the entropy, taking a lot of time to finish
the signing.
Well, "jarsigner" is broken then. It appears to use /dev/random
instead of /dev/urandom. if you use the latter, then you can pull out
as much randomness as you want, it's not affected by "entropy
depletion".
See man page about that:
http://man7.org/linux/man-pages/man4/urandom.4.html
Lennart
--
Lennart Poettering, Berlin