Bug 510178 - hardened profiles: USE=urandom may introduce security problems
Status: RESOLVED OBSOLETE
Product: Gentoo Linux
Classification: Unclassified
Component: Eclasses
Hardware: All Linux
Importance: Normal normal
Assignee: The Gentoo Linux Hardened Team
Reported: 2014-05-12 18:27 UTC by Marc Schiffbauer
Modified: 2018-10-12 00:53 UTC
Description Marc Schiffbauer gentoo-dev 2014-05-12 18:27:25 UTC
Hi,

I just realized that the hardened profile sets USE=urandom.

I think this is a very bad idea because for example using /dev/urandom in a virtual machine can result in getting very bad and not-so-random randomness.

Because one application or another may slow down when using /dev/random this can be solved by using sys-apps/haveged which should give much better randomness than urandom does.

Thoughts?
Comment 1 Anthony Basile gentoo-dev 2014-10-17 17:38:23 UTC
(In reply to Marc Schiffbauer from comment #0)
> Hi,
> 
> I just realized that the hardened profile sets USE=urandom.
> 
> I think this is a very bad idea because for example using /dev/urandom in a
> virtual machine can result in getting very bad and not-so-random randomness.
> 
> Because one application or another may slow down when using /dev/random this
> can be solved by using sys-apps/haveged which should give much better
> randomness than urandom does.
> 
> Thoughts?

Sorry for the delay, I just saw this going through old bugs.

It may be the case that this is bad pseudo-random numbers, but random blocks. What I recommend is running haveged, especially in a VM, to generate extra entropy.

I'll let you close this if you think that's good enough.
Comment 2 Marc Schiffbauer gentoo-dev 2014-11-06 16:25:05 UTC
The point is: If you use haveged, you can use /dev/random very well.

I don't think haveged will make the randomness of /dev/urandom any better, will it?
Comment 3 Marc Schiffbauer gentoo-dev 2015-03-10 01:20:30 UTC
Ping?
Comment 4 Jason Zaman gentoo-dev 2015-03-11 08:37:26 UTC
http://www.2uo.de/myths-about-urandom/

I don't really see a big problem with urandom. And if you want you can just use haveged too.
Comment 5 Marc Schiffbauer gentoo-dev 2015-03-11 09:09:05 UTC
Thanks, convinced. Then please close ;)