From owner-freebsd-stable Fri Oct 4 8: 6:27 2002 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F390437B401 for ; Fri, 4 Oct 2002 08:06:26 -0700 (PDT) Received: from yertle.kciLink.com (yertle.kcilink.com [216.194.193.105]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9F79443E42 for ; Fri, 4 Oct 2002 08:06:26 -0700 (PDT) (envelope-from khera@kciLink.com) Received: from onceler.kciLink.com (onceler.kciLink.com [216.194.193.106]) by yertle.kciLink.com (Postfix) with ESMTP id 3902A2178D for ; Fri, 4 Oct 2002 11:06:26 -0400 (EDT) Received: by onceler.kciLink.com (Postfix, from userid 100) id 13C653DB8; Fri, 4 Oct 2002 11:06:26 -0400 (EDT) From: Vivek Khera MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <15773.44657.957038.146065@onceler.kciLink.com> Date: Fri, 4 Oct 2002 11:06:25 -0400 To: stable@freebsd.org Subject: Re: IPSEC warning -- what are alternatives? In-Reply-To: <3D9DAB2D.3060306@potentialtech.com> References: <15773.39612.629029.716325@onceler.kciLink.com> <3D9DAB2D.3060306@potentialtech.com> X-Mailer: VM 7.07 under 21.4 (patch 8) "Honest Recruiter" XEmacs Lucid Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG >>>>> "BM" == Bill Moran writes: BM> Read "man 4 random", and pay special attention to the paragraph about BM> urandom and random. Thanks for the tip. I read through that, but I don't see anywhere how to tell IPsec which random source to use, other than some patches to openssl to make it use a crypto hardware source. I already have rand_irqs set in my rc.conf to my ethernet and disk controller interrupts, so /dev/random should do pretty well. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message