Re: nothing contributing entropy in Xen domUs? or dom0!!!

[RVP <rvp%SDF.ORG@localhost>]

On Wed, 31 Mar 2021, Greg A. Woods wrote:

> Yes I did change that as well (as /var isn't part of the root partition).

I see. How did you change it? Because in 9.99 some things have changed:

	rndseed=/var/db/entropy-file

on a line of its own no longer works. You have to attach it to a
menu= line:

	menu=Boot normally:rndseed /var/db/entropy-file;boot

The same with some other directives like `gop='.

> /etc/rc.d/random_seed will do this (again) later anyway.

Yes.

> I know how to seed it -- but that's not the problem -- the hardware
> should be providing plenty of entropy.

As riastradh@ mentioned, in 9.99 only true HWRNGs like RDSEED/RDRAND will
be used. Other, estimated, sources are no longer "counted". mrg@ says
your CPU doesn't have the necessary instructions, so that means no RNs
for you (on 9.99) ;).

cpuctl identify 0 should tell you if your CPU has RDSEED/RDRAND.

-RVP