again, to add some input to my own question - i happened to be compiling openssh and found this in the install doc: NB. If you operating system supports /dev/random, you should configure OpenSSL to use it. OpenSSH relies on OpenSSL's direct support of /dev/random, or failing that, either prngd or egd PRNGD: If your system lacks kernel-based random collection, the use of Lutz Jaenicke's PRNGd is recommended. http://prngd.sourceforge.net/ EGD: The Entropy Gathering Daemon (EGD) is supported if you have a system which lacks /dev/random and don't want to use OpenSSH's internal entropy collection. http://www.lothar.com/tech/crypto/ hopefully i'll find the time to figure out what is different about "OpenSSH's internal entropy collection", the above systems, and haveged. On Sat, Oct 13, 2012 at 10:11 PM, Jasper Wallace <jasper@pointless.net> wrote:
On Thu, 11 Oct 2012, Dan White wrote:
On 10/11/12 17:08 -0700, Jonathan Lassoff wrote:
On Thu, Oct 11, 2012 at 5:01 PM, shawn wilson <ag4ve.us@gmail.com> wrote:
in the past, i've done many different things to create entropy - encode videos, watch youtube, tcpdump -vvv > /dev/null, compiled a kernel. but, what is best? just whatever gets your cpu to peak or are some tasks better than others?
Personally, I've used and recommend this USB stick: http://www.entropykey.co.uk/
Internally, it uses diodes that are reverse-biased just ever so close to the breakdown voltage such that they randomly flip state back and forth.
+1.
and with ekeyd-egd-linux you can distribute the entropy from an entropykey over the net - great for giving vm some randomness.
-- [http://pointless.net/] [0x2ECA0975]