Re: insufficient entropy for rnd

To: tech-crypto%netbsd.org@localhost
Subject: Re: insufficient entropy for rnd
From: tron%zhadum.de@localhost (Matthias Scheler)
Date: Sun, 17 Aug 2003 17:19:10 +0000 (UTC)

In article <20030811201900.5abe568f.rumi_ml%rtfm.hu@localhost>,
> Maybe Cyrus SASL (mine is 2.1.12 from pkgsrc) could be compiled
> to use /dev/urandom instead, but for me this sounds more like
> a workaround than a solution at least for a crypto purpose.

If good random generation is important for your server try to get a
motherboard with an Intel 8xx chipset (for Pentium III or IV) which
has Intel's firmware hub (ASUS motherboards don't have one, Intel
motherboards of course do). It'll provide you with a hardware RNG
which is supported by NetBSD:

pchb0: Intel 82865 Host (rev. 0x02)
pchb0: random number generator enabled

tron@lyssa:~tron#rndctl -l
Source                 Bits Type      Flags
sd3                       0 disk estimate, collect
sd2                       0 disk estimate, collect
sd1                       0 disk estimate, collect
sd0                       0 disk estimate, collect
fd0                       0 disk estimate, collect
cd1                       0 disk estimate, collect
cd0                       0 disk estimate, collect
wd1                  101371 disk estimate, collect
wd0                   45886 disk estimate, collect
wm0                       0 net  
pchb0              28911104 rng  collect
pms0                 384123 tty  estimate, collect
pckbd0                72510 tty  estimate, collect

        Kind regads

-- 
Matthias Scheler                                  http://scheler.de/~matthias/

References:
- insufficient entropy for rnd
  - From: Rumi Szabolcs

Prev by Date: Re: insufficient entropy for rnd
Next by Date: Re: insufficient entropy for rnd
Previous by Thread: Re: timing network interrupts (Re: insufficient entropy for rnd)
Next by Thread: Re: insufficient entropy for rnd
Indexes:

Home | Main Index | Thread Index | Old Index