[arch-general] [arch-gen] does using tmp-rng enables tpm at all?

Javier Vasquez j.e.vasquez.v at gmail.com
Wed Dec 24 20:53:04 UTC 2014


On Wed, Dec 24, 2014 at 1:45 PM, Javier Vasquez <j.e.vasquez.v at gmail.com> wrote:
> Hi,
>
> Seems like on i5 and i7 chips the way to get random numbers through HW
> is to use tpm-rng (intel-rng is no longer available for them).  An by
> reading [1] seems like a pretty good idea.
>
> However I have no intention to use tpm at all, neither I want any
> possibility to get any one monitoring my machine, which is one of the
> possible use cases with tpm.
>
> Does one, just by using tpm to feed entropy, open any door on linux
> for any other tpm functionality?  Or is it totally safe to use
> tpm-rng?

Never mind, dropped it already.  Seems like rng-tools can't read
tpm-rng from i5/i7 any ways (even by having /dev/hwrng and /dev/tpm0),
so no need to find out if I can't get it working any ways.

Thanks,

-- 
Javier


More information about the arch-general mailing list