On Tue, Jan 04, 2011 at 10:42:09PM +0000, Ed W wrote:
> I have a couple now (I have several machines compiled with "hardened" pax
> and that depletes entropy extremely quickly) and they are very simple to
> install and extremely cheap. I believe they are even fast enough that you
> can buy fewer than you have servers and distribute the entropy using the
> EGD protocol (helpful for virtualised server pools)
Overkill for Postfix. The internal PRNG in OpenSSL plus tlsmgr
retaining state across sessions, with only occasional seeding from
/dev/urandom is more than sufficient for Postfix. Postfix does not
"deplete" entropy.
--
Viktor.
