Date: Fri, 31 May 2013 14:45:49 +0100
From: RW
To: freebsd-hackers@freebsd.org
Subject: Re: seeding randomness in zee cloud
Message-ID: <20130531144549.1193d3c4@gumby.homeunix.com>

On Fri, 31 May 2013 14:26:39 +0200
Dirk-Willem van Gulik wrote:

> On 31 May 2013, at 14:02, RW wrote:
>
> >> # Activate software random generator as an additional source
> >> sysctl kern.random.sys.harvest.swi=1
> >
> > IIRC this doesn't do anything
>
> Thanks. So the man page says:
>
>     The kern.random.sys.harvest.swi variable is used to select
>     software interrupts as an entropy source. A 0 (zero) value means
>     software interrupts are not considered as an entropy source. Set
>     the variable to 1 (one) if you wish to use them for entropy
>     harvesting.

I don't think it ever got implemented, but for some reason the sysctl
got left in. All it would have done is turn on an additional entropy
source.

> but it is fair to assume that even when it is set to '0' (the default
> observed on 9.1-RELEASE) - that the randomness sent to /dev/random
> is still mixed in?

Yes, if you are using the software generator then it's used. If you have
direct hardware support you won't see the harvest sysctls and the input is
harmlessly discarded.
Most Ivy Bridge and newer AMD processors have RdRand these days.