seeding randomness in zee cloud
RW
rwmaillists at googlemail.com
Fri May 31 13:45:53 UTC 2013
On Fri, 31 May 2013 14:26:39 +0200
Dirk-Willem van Gulik wrote:
>
> Op 31 mei 2013, om 14:02 heeft RW <rwmaillists at googlemail.com> het
> >> # Activate software random generator as an additional
> >> source sysctl kern.random.sys.harvest.swi=1
> >
> > IIRC this doesn't do anything
>
> Thanks. So the man page says:
>
> The kern.random.sys.harvest.swi variable is used to select
> software interrupts as an entropy source. A 0 (zero) value means
> software inter- rupts are not considered as an entropy source. Set
> the variable to 1 (one) if you wish to use them for entropy
> harvesting.
I don't think it ever got implemented, but for some reason the sysctl
got left in. All it would have done is turn-on an additional entropy
source.
> but it is fair to assume that even when it is set to '0' (the default
> observerd on 9.1-RELEASE) - that the randomness sent to /dev/random
> is still mixed in ?
Yes, if you are using the software generator then it's used. If you
have direct hardware support you wont see the harvest sysctls and the
input is harmlessly discarded. Most Ivy Bridge and newer AMD
processors have RdRand these days.
More information about the freebsd-hackers
mailing list