On Tue, Oct 8, 2013 at 2:58 PM, George B <[email protected]> wrote:
> I would be very interested in this topic as well. The application I have in
> mind for this BBB relies on making varying amounts of SSL connections. In a
> test today I believe I ran the pool out of entropy and some handshakes would
> hang for a while before completing (typical SSL handshake would take about
> 1/2 a second but some would hang for 2 to 4 seconds before completing).
> Basically the performance is such that I can't use it for the desired
> application but getting the hwrng working would likely change everything.
> This unit is operating "headless" with no kbd/mouse or anything except
> network connected. I finally did break down and installed rng-tools to use
> /dev/urandom to seed /dev/random but I see that as basically a quick/dirty
> workaround. Even tried adding randomsound to add some entropy but that
> didn't seem to make any difference.
>

A hardware RNG is a nice thing to have, but the idea that /dev/urandom is somehow 'bad' or 'insecure' is completely flawed: it is a PRNG and is designed to generate an infinite random stream that is indistinguishable from a 'true' RNG, once it is seeded properly. I don't know the details about how Angstrom, etc. do this, but typically Linux seeds the PRNG from /dev/random, mixing system state, so as long as you are not getting any errors while seeding the PRNG, using /dev/urandom is perfectly fine.
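
Added example, not part of the original messages: a way to check the "seeded properly" condition discussed above on a headless board and then draw key material from the urandom source. It assumes Linux 3.17 or later (for getrandom(2), which postdates this thread) and Python 3.6+; the function names are illustrative.

```python
import errno
import os
import time

ENTROPY_AVAIL = "/proc/sys/kernel/random/entropy_avail"  # Linux-only procfs file


def csprng_seeded():
    """True if the kernel CSPRNG is initialised, False if not, None if unknown."""
    if not hasattr(os, "getrandom"):       # non-Linux platform or Python < 3.6
        return None
    try:
        # GRND_NONBLOCK: fail with EAGAIN instead of waiting for the initial seed.
        os.getrandom(1, os.GRND_NONBLOCK)
        return True
    except BlockingIOError:
        return False
    except OSError as exc:
        if exc.errno == errno.ENOSYS:      # kernel has no getrandom(2)
            return None
        raise


def entropy_estimate(path=ENTROPY_AVAIL):
    """Kernel's entropy estimate in bits, or None if the file is unavailable."""
    try:
        with open(path) as fh:
            return int(fh.read().strip())
    except (OSError, ValueError):
        return None


def draw_keys(count=200, size=32):
    """Draw `count` keys of `size` bytes from urandom; return (keys, seconds)."""
    start = time.monotonic()
    keys = [os.urandom(size) for _ in range(count)]
    return keys, time.monotonic() - start


if __name__ == "__main__":
    print("CSPRNG seeded:", csprng_seeded())
    print("entropy_avail:", entropy_estimate())
    keys, elapsed = draw_keys()
    print(f"{len(keys)} x 32-byte urandom reads took {elapsed * 1000:.1f} ms")
```

Running this early in boot on the target board shows whether the seed is in place before the application starts making SSL connections.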
