Hi Sarah, On Mon, Oct 05, 2015 at 09:12:47PM -0700, Sarah Newman wrote: > On 10/05/2015 08:35 PM, Andy Smith wrote: > > So, I've been keeping (PV) domUs topped up with entropy by giving > > them access to hardware RNGs (initially Entropy Keys, but since the > > company making them failed I've switched to OneRNGs). > > This is not a satisfactory solution for us because even if we were > willing to do USB passthrough, the number of hardware devices > needed would be expensive and difficult to manage.
I don't find it a problem as: - Your typical EntropyKey or OneRNG can generate quite a bit of entropy. Maybe 32 kilobytes per second for ~$50 each. - You can access them over the network so no USB passthrough needed. - Making it opt-in means only people who actually know and care what entropy is will use it. :) So for me it's a somewhat hacky but still scalable solution. My main concern is that it's going to some length to provide a service that isn't actually required. Cheers, Andy -- > I'd be interested to hear any (even two word) reviews of their sofas… Provides seating. — Andy Davidson _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
