Just use /dev/urandom as random device after reading a single byte from
/dev/random to ensure the CSPRNG has been seeded.
The unsuitability of /dev/urandom for cryptographic purposes is just a myth.
You are more likely affected by seeding all the instances from the same seed
saved in the image
On 01-Aug-22 18:29, Grant Taylor wrote:
On 8/1/22 4:21 PM, Greg Choules via bind-users wrote:
Off the top of my head, could it be this?
random-device
...
BIND will need a good source of randomness for crypto operations.
Drive by plug: If it is lack of entropy, try installing and running
if the problem continues.
Thanks so much for your help!
From: Greg Choules
Date: Monday, August 1, 2022 at 6:21 PM
To: White, Peter
Cc: bind-users@lists.isc.org
Subject: Re: Bind 9.11/RHEL7 Server Freezes FUTEX_WAKE_PRIVATE
CAUTION: This email originated from outside of Penguin Random House. Please
On 8/1/22 4:21 PM, Greg Choules via bind-users wrote:
Off the top of my head, could it be this?
random-device
...
BIND will need a good source of randomness for crypto operations.
Drive by plug: If it is lack of entropy, try installing and running
Haveged. At least as a troubleshooting
Hi Peter.
Off the top of my head, could it be this?
random-device
The source of entropy to be used by the server. Entropy is primarily needed
for DNSSEC operations, such as TKEY transactions and dynamic update of
signed zones. This options specifies the device (or file) from which to
read
5 matches
Mail list logo