On Mon, 04 Jun 2012 09:47:57 +0200 Tobias Powalowski wrote:

Ok as discussed on IRC, haveged seems the better choice because rng-tools need a real hw generator to work correct.

Why not both. Multiple sources will probably increase the unpredictability and strength or reduce the effectiveness of predictability flaws (not saying there are any), which should be a factor as well. Ideally the IDE timings will be expanded to include all sorts of timings but I think that's the kernel devs not Arches remit. Maybe as this is a functional problem it may get enough attention from the kernel devs? Funnily enough a mail, though the link is quite old now just hit the OpenBSD list. _______________________________________________________________________ An interesting read for sysops and admins. The analytics indirectly validate openBSD dev's longstanding pedantic-ness regarding random-ness and entropy (thank you). http://www.h-online.com/security/news/item/RSA-keys-not-as-random-as-they-sh... _______________________________________________________________________