yellow team mailing list archive

Thread
Date

Re: progress

To: yellow@xxxxxxxxxxxxxxxxxxx
From: Francesco Banconi <francesco.banconi@xxxxxxxxxxxxx>
Date: Wed, 21 Mar 2012 14:51:48 +0100
In-reply-to: <CAC8tyQ7On947N3HXtp2qi_=o3AxZcY9AnOuyO1Sbe=593YUaVA@mail.gmail.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:11.0) Gecko/20120313 Thunderbird/11.0

On 03/21/2012 01:20 PM, Benji York wrote:

> Since we have to map the file anyway, we can try mapping /dev/random to
> /dev/urandom.  If that works, we can set up the containers so their
> /dev/random is really /dev/urandom and hope no one ever tries to
> generate keys on them.

I've used rng-tools to feed /dev/random with data from /dev/urandom in
the slave host.

apt-get install rng-tools
echo "HRNGDEVICE=/dev/urandom" >> /etc/default/rng-tools
/etc/init.d/rng-tools start

You can the check /dev/random does not block (in the host):
for i in $(seq 1000); do head -1 /dev/random > /dev/null; done

-- 
Francesco Banconi

References

progress
From: Gary Poster, 2012-03-21
Re: progress
From: Gary Poster, 2012-03-21
Re: progress
From: Benji York, 2012-03-21