| 1 |
Ed W <lists@××××××××××.com> 2010-03-25 20:34: |
| 2 |
> On 25/03/2010 20:11, Rob Kendrick wrote: |
| 3 |
>> ... |
| 4 |
<snip/> |
| 5 |
> I noticed a munin script in the ekeyd download - haven't tried it, but |
| 6 |
> the quantity of variables you can monitor from the device seemed quite |
| 7 |
> impressive. Who would have thought you would have wanted to graph the |
| 8 |
> temperature of your random number generator, but for those who do, you |
| 9 |
> are in luck... |
| 10 |
|
| 11 |
Here's another graphing tool I started using since whoever started this |
| 12 |
thread got me hooked on the subject :) |
| 13 |
http://collectd.org/wiki/index.php/Plugin:Entropy |
| 14 |
|
| 15 |
Things are much worse, even for physical machines, than I originally |
| 16 |
suspected, so I'm now thinking about trying to setup something like this |
| 17 |
in conjunction with both the entropy key and the timer_entropyd so that |
| 18 |
I can provide an entropy service to various clients. |
| 19 |
http://www.vanheusden.com/entropybroker/ |
| 20 |
|
| 21 |
This probably won't actually happen until some distant point in the |
| 22 |
future, but I'm especially interested in getting it to virtual machines. |
| 23 |
Unfortunately, from what I can find there's no nice interface between |
| 24 |
the host's rng and the vm for vmware esx like there is for kvm (eg: |
| 25 |
virtio_rng). Anyone know of one? |
| 26 |
|
| 27 |
With the entropy broker the thing I'm not totally clear on is how |
| 28 |
entropy bits transferred over the network (presumably without encryption |
| 29 |
as that might require entropy) would be worthwhile entropy? What makes |
| 30 |
it different from the situation where you're using the network device |
| 31 |
interrupts as an source of entropy? Couldn't both be observable? |
| 32 |
|
| 33 |
Another question - I keep seeing people suggesting to hook rngd (from |
| 34 |
rng-tools) up to /dev/urandom. Doesn't that just feed your system |
| 35 |
entropy with an prng most of the time? I feel like this just gives the |
| 36 |
illusion of a decent sized entropy pool. Might as well hook your app up |
| 37 |
to /dev/urandom instead, correct? |
| 38 |
|
| 39 |
In any case, waiting anxiously for delivery of my entropy key so I can |
| 40 |
start playing. |
| 41 |
|
| 42 |
Cheers, |
| 43 |
Brian |
Archives