On Sat, Nov 10, 2012 at 06:33:59AM +0700, Robert Elz wrote: > > | That's more serious, then. That means something on your system is pulling > | a comparatively huge number of bits from the general-purpose kernel RNG > | instance, and nothing's putting enough bits into the pool to rekey it. > > I do do a fair amount of ssh'ing (not unusual for a dozen xterms all to have > ssh clients running in them, and some of them stop and restart moderately > frequently - stupid NAT in the path that keeps screwing up). Unless a
No, the cprng named "kernel" is used _inside_ the kernel. It shouldn't be depleted by use of ssh. Thor
