Date: Fri, 31 May 2013 14:45:49 +0100 From: RW <rwmaillists@googlemail.com> To: freebsd-hackers@freebsd.org Subject: Re: seeding randomness in zee cloud Message-ID: <20130531144549.1193d3c4@gumby.homeunix.com> In-Reply-To: <F4461210-9925-40EB-A31E-69DACD2BE9F7@webweaving.org> References: <0BF6FBDD-47E8-44F1-BA71-A355EDCDEDB6@webweaving.org> <20130531130243.18fb9a30@gumby.homeunix.com> <F4461210-9925-40EB-A31E-69DACD2BE9F7@webweaving.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 31 May 2013 14:26:39 +0200 Dirk-Willem van Gulik wrote: > > Op 31 mei 2013, om 14:02 heeft RW <rwmaillists@googlemail.com> het > >> # Activate software random generator as an additional > >> source sysctl kern.random.sys.harvest.swi=1 > > > > IIRC this doesn't do anything > > Thanks. So the man page says: > > The kern.random.sys.harvest.swi variable is used to select > software interrupts as an entropy source. A 0 (zero) value means > software inter- rupts are not considered as an entropy source. Set > the variable to 1 (one) if you wish to use them for entropy > harvesting. I don't think it ever got implemented, but for some reason the sysctl got left in. All it would have done is turn-on an additional entropy source. > but it is fair to assume that even when it is set to '0' (the default > observerd on 9.1-RELEASE) - that the randomness sent to /dev/random > is still mixed in ? Yes, if you are using the software generator then it's used. If you have direct hardware support you wont see the harvest sysctls and the input is harmlessly discarded. Most Ivy Bridge and newer AMD processors have RdRand these days.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130531144549.1193d3c4>