Re: [gentoo-hardened] Bought an "entropy-key" - very happy

public inbox for gentoo-hardened@lists.gentoo.org
 help / color / mirror / Atom feed

From: Ed W <lists@wildgooses.com>
To: gentoo-hardened@lists.gentoo.org
Subject: Re: [gentoo-hardened] Bought an "entropy-key" - very happy
Date: Thu, 25 Mar 2010 20:17:12 +0000	[thread overview]
Message-ID: <4BABC4C8.2080603@wildgooses.com> (raw)
In-Reply-To: <4BABB06F.5232.1636AE96@pageexec.freemail.hu>

On 25/03/2010 17:50, pageexec@freemail.hu wrote:
> On 25 Mar 2010 at 13:10, Rob Kendrick wrote:
>
>    
>> it goes to extraordinary lengths to make sure the entropy that is
>> injected into your pool can't be sniffed before it gets there,
>>      
> out of curiosity, what's that mean exactly?
>
>    

I believe that the random numbers are encrypted out of the device?  I 
say that because when you start up the userspace daemon you tell it a 
long random number supplied with the device.  I assume this is designed 
to make sure that some local process can't sniff the entropy (over the 
USB bus, or whatever) before it's added to the kernel pool?

Although this seems like a basic feature for an entropy source, it 
wasn't particularly a feature I was looking for.  From my point of view 
it just seemed like a cheap plentiful entropy source which works pretty 
much out of the box just by plugging in...

Cheers

Ed W

next prev parent reply	other threads:[~2010-03-25 20:17 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-03-23 20:39 [gentoo-hardened] Bought an "entropy-key" - very happy Ed W
2010-03-23 21:02 ` lists
2010-03-25 13:10   ` Rob Kendrick
2010-03-25 17:50     ` pageexec
2010-03-25 20:12       ` Rob Kendrick
2010-03-25 19:38         ` pageexec
2010-03-25 23:53           ` Ed W
2010-03-26  0:36           ` Rob Kendrick
2010-03-25 20:17       ` Ed W [this message]
2010-03-25 20:21         ` Rob Kendrick
2010-03-25 13:30   ` Ed W
2010-03-25 19:23     ` lists
2010-03-25 19:34       ` Tóth Attila
2010-03-25 20:11       ` Rob Kendrick
2010-03-25 20:34         ` Ed W
2010-03-25 20:41           ` RB
2010-03-25 21:08           ` Tom Hendrikx
2010-03-26 14:15           ` Brian Kroth
2010-03-26 15:19             ` Rob Kendrick
2010-03-27 13:11             ` Ed W

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4BABC4C8.2080603@wildgooses.com \
    --to=lists@wildgooses.com \
    --cc=gentoo-hardened@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox