This is what I do at stage 1, regarding entropy gathering:

- start haveged service soon
- in background,
        - read 512 bytes from /dev/random and write them to /dev/urandom
        - write something to a pipe entropy_pipe

-meanwhile, do other stuff (filesystem checking, etc)

-in background,
         -read from entropy_pipe (blocks until ready)
         - start services that require /dev/urandom in a sane state

To my experience (common 1 user workstations) startup is very fast (1
or 2 secs).

Is this a terrible idea? Note that I'm not keeping an entropy seed
from shutdown into startup.

I use haveged just for accelerating initial entropy gathering,
otherwise everything that needs entropy uses /dev/urandom.

(Complete list of documentation found in the internet about haveged
suitability for this purpose, plus info about copying from /dev/random
to /dev/urandom: )



Jorge Almeida

Reply via email to