[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: random translator
|
From: |
Michael Banck |
|
Subject: |
Re: random translator |
|
Date: |
Thu, 31 Mar 2005 16:30:11 +0200 |
|
User-agent: |
Mutt/1.5.6+20040907i |
On Thu, Mar 31, 2005 at 09:57:12PM +0900, Andre Caldas wrote:
> >enthropy gathering is the hardest part, but _any_ /dev/random would be
> >better then nothing... right? well except for the false-sense of
> >security issue but once their is something, it can be improoved... If
> >this hasn't been done yet, i'll definetly be down to work on it.
>
> It seems that you already understand the issue. But don't expect
> everybody to agree with your "better then nothing"... (maybe you just
> started a war).
Well, I think there are two seperate issues. For Debian GNU/Hurd (or
any other distribution) "better than nothing" is good enough for the
time being. Actually, I have packaged egd (gnupg's entropy gathering
daemon) over easter, it's at
http://people.debian.org/~mbanck/hurd/egd_0.9-1_all.deb
You need to tweak gnupg and openssh at build time in order to use it
though I believe, but I'm interested in any success with that (I haven't
really tested the package). We should still make it clear that this is
not appropriate security of course, but it's better than everybody
copying /bin/bash to /dev/random.
The other issue is upstream. I think it is clear that no half-assed
solution will be accepted there, so if anybody wants to work on the
entropy translator to rule them all, they should get advice from the
upstream hackers (most notably marcus, probably)
Michael