Bill Davidsen <davidsen(a)tmr.com> writes:
Wolfgang S. Rupprecht wrote:
> Is there an approved way to increase the speed at which the random pool
> for /dev/random fills up? I'm playig with dnssec and getnerating 2k rsa
> keys is taking up to 3 hours. I've been googling a bit and Intel x86_64
> machines seem to have random number hardware built in (perhaps also
> AMD???) Is there a way to funnel this into the entropy pool?
>
To be honest, I thought the data from the TCO random generator was funneled in
already. That's what the "intel-rng" module does.
Current kernel built with:
CONFIG_HW_RANDOM=y
CONFIG_HW_RANDOM_TIMERIOMEM=m
CONFIG_HW_RANDOM_INTEL=m
CONFIG_HW_RANDOM_AMD=m
CONFIG_HW_RANDOM_GEODE=m
CONFIG_HW_RANDOM_VIA=m
CONFIG_HW_RANDOM_VIRTIO=m
Thanks. That gave me a few good strings to google for.
If your CPU has the hardware the module should be loaded, but you
can
check with "lsmod | grep rng" to be sure, or load manually to
test. Also virtio_rng might be useful. You might have to load by hand
to test, then config to load by default if you want.
It turns out my (2 year old) AMD Phenom 9350e Quad-Core doesn't seem to
have that module loaded. In fact, googling for "AMD hardware random
number generator" got me a few hits of folks running an ms-windows tool
on similar processors and one of the flags checked was for the hardware
rng, which always seemed to be "not supported". I guess the modern CPU
really don't have that hardware any more. How strange (and sad!).
-wolfgang
--
Wolfgang S. Rupprecht
http://www.wsrcc.com/wolfgang/ (IPv6-only)