[vserver] Bought an entropykey - very happy

Ed W lists at wildgooses.com
Tue Mar 23 13:49:16 PDT 2010


Apologies for the apparently random plug, but I was previously posting 
to gentoo-hardened about ways to try and avoid bumping along with an 
empty entropy pool caused largely by using a "hardened" glibc/kernel 
(uses a bunch of entropy putting canaries after all call stacks) and it's 
exacerbated by Linux's choice to ignore network traffic as a source of 
randomness and only focus on keyboard/HD activity (near negligible on a 
typical headless server serving files from cache...), and the icing is 
of course the nice linux-vserver patches which allow us to cram so many 
processes into a small server...

Having tried the bunch of software entropy generators you will find with 
a quick google search and finding they simply burn CPU for very little 
benefit - I then bought an entropy key from the nice folks at Simtec via 
http://entropykey.co.uk

Short version is you plug it in, install the ekeyd package and even on a 
hardened installation the entropy pool never deviates from full up...

Now, at #30 it seems like a bargain for a fancy random number generator, 
but then I read that the daemon can be switched to pipe the data out in 
"egd" format and essentially you can have one machine supply high 
volumes of random numbers for a fair number of networked clients.  In my 
case this solves the problem of how to pipe entropy to some cheap rented 
servers where we don't get to touch the physical hardware...  Very nice

I have no relationship with the entropy-key guys other than being a 
happy customer.  They seem like a small shop and I think they deserve a 
plug (and really need to work on their presence via google... Searches 
on this stuff only turn up $400 alternatives... Sheesh)


For those who have no idea what this means, simply try: "cat 
/proc/sys/kernel/random/entropy_avail" - if the answer is bumping along 
in low triple digits then perhaps do a little experimentation along the 
lines of the above

Good luck

Ed W

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
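
Added example, not part of the original post or of the ekeyd package: a small shell script that turns the one-off "cat /proc/sys/kernel/random/entropy_avail" check suggested above into a sampled summary, so a pool that only dips under load is still caught. The function names, the ENTROPY_FILE and LOW_WATER variables and the 1000-bit threshold (taken to mean "anything in triple digits or below") are assumptions made for this example.

```shell
#!/bin/sh
# Added example: sample the kernel's entropy estimate and summarise it.
# Kernels from 5.18 on report a fixed 256 once the RNG is seeded, so the
# numbers are only meaningful on older kernels.

ENTROPY_FILE="${ENTROPY_FILE:-/proc/sys/kernel/random/entropy_avail}"
LOW_WATER="${LOW_WATER:-1000}"   # assumed threshold, not from the post

# summarise_entropy THRESHOLD
# Reads one integer sample per line on stdin and prints
#   min=.. max=.. avg=.. low=N/TOTAL
# where N is the number of samples below THRESHOLD.
summarise_entropy() {
    awk -v t="$1" '
        /^[0-9]+$/ {
            n++; sum += $1
            if (n == 1 || $1 < min) min = $1
            if (n == 1 || $1 > max) max = $1
            if ($1 < t) low++
        }
        END {
            if (n == 0) { print "no samples"; exit 1 }
            printf "min=%d max=%d avg=%d low=%d/%d\n", min, max, int(sum / n), low, n
        }'
}

# sample_entropy COUNT INTERVAL
# Reads ENTROPY_FILE COUNT times, INTERVAL seconds apart, one value per line.
sample_entropy() {
    i=0
    while [ "$i" -lt "$1" ]; do
        cat "$ENTROPY_FILE" || return 1
        i=$((i + 1))
        if [ "$i" -lt "$1" ]; then sleep "$2"; fi
    done
    return 0
}

# Run as: sh entropy_check.sh watch   (30 samples, one second apart)
if [ "${1:-}" = "watch" ]; then
    sample_entropy 30 1 | summarise_entropy "$LOW_WATER"
fi
```

A high "low=" count on a busy headless server is the symptom the post describes; run it again after installing an entropy source to compare.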




