rngd
Originally created by Tails on #5650 (Redmine)
In his talk at LinuxCon Europe 2012 about random number generation on
Linux, H. Peter Anvin strongly
advises to run rngd (from
rng-tools.
rngd acts as a bridge between a Hardware TRNG (true random number generator) such as the ones in some Intel/AMD/VIA chipsets, and the kernel’s PRNG.
About haveged: "So, while I can’t really recommend it, I can’t not recommend it either." If you are going to run HAVEGE, Peter strongly recommended running it together with rngd, rather than as a replacement for it.
Roadmap
How to convince haveged and rngd to play together nicely. Can we just install both and be done with it?
According to H. Peter Anvin’s slides, haveged "can be run in parallel with rngd".
Let’s try that.
Debian package need some care, call for co-maintainer on Debian bug #542599. The package is actually a bit behind the ubuntu one, doesn’t include support for TPM hardware, which is the only one I could try. In a Tails VM, once installed the rngd daemon fail to start given there’s no hardware available.
Feature Branch: feature/5650-rngd
Related issues
- Related to #7102
- Related to #6116
- Related to #7675 (closed)
- Related to #7687 (closed)
- Related to #11758 (closed)
- Related to #17154