Here's a project which replaces the /dev/random driver, using the Linux Crypto API. The default algorithms are sha256 and aes128 (vanilla kernel uses sha).
http://jlcooke.ca/random/ Looks like the throughput is much better, and there are various other improvements. I think the general idea is that it's becoming feasible for a mainframe to brute force the sha hashed random data produced by a headless system faster than the system can produce it, and allow the faster system to predict it. Using an aes cipher would fix this, and aes is more efficient at inflating the real entropy so the real entropy is conserved better. robert
pgpN0vyyCDYEL.pgp
Description: PGP signature
-- http://linuxfromscratch.org/mailman/listinfo/hlfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
