On Wed, Jan 08, 2020 at 02:48:13PM -0500, Noah Meyerhans wrote: > We add haveged to the arm64 EC2 AMI. This appears to work, and is > something we can do today. The debian-installer has previously used > haveged to ensure reasonable entropy during installation, so there is > some precident for this.
Every time I propose the use of haveged to resolve entropy starvation, I get reactions from crypto folks saying that it's not a valid solution. They invariably suggest that passing hardware RNG through to the VM is the appropriate choice. The latest such reaction being from mjg59. See: https://twitter.com/mjg59/status/1181423056268349441 https://twitter.com/LucaFilipozzi/status/1181426253636755457 -- Luca Filipozzi
