On Wed, 2019-01-16 at 11:05 +0100, Guido Günther wrote: > Hi, > On Mon, Jan 14, 2019 at 05:56:20PM +0100, W. Martin Borgert wrote: > > Quoting Michael Stone <mst...@debian.org>: > > > Unless the cpu supports rdrand/rdseed, installing rng-tools5 > > > won't > > > really change anything. If it does support those, it probably > > > makes more > > > sense going forward to just enable CONFIG_RANDOM_TRUST_CPU rather > > > than > > > installing another package. > > > > This option is only available for some architectures (X86, S390, > > PPC)? > > What about the others? > > There's also jitterentropy-rngd which does the trick but I haven't > looked at the security implications. > -- Guido
FWIW I've been using jitterentropy-rngd and rng-tools in production for years, in Azure/VMWare/AWS x86 VMs, exactly for this problem. Haven't been hacked so far... as far as I know :-) -- Kind regards, Luca Boccassi
signature.asc
Description: This is a digitally signed message part
