This is what I do at stage 1, regarding entropy gathering:
- start haveged service soon
- in background,
  - read 512 bytes from /dev/random and write them to /dev/urandom
  - write something to a pipe entropy_pipe
- meanwhile, do other stuff (filesystem checking, etc)
- in background,
  - read from entropy_pipe (blocks until ready)
  - start services that require /dev/urandom in a sane state
In my experience (common 1-user workstations), startup is very fast (1
or 2 secs).
Is this a terrible idea? Note that I'm not keeping an entropy seed
from shutdown into startup.
I use haveged just for accelerating initial entropy gathering,
otherwise everything that needs entropy uses /dev/urandom.
(Complete list of documentation found on the internet about haveged
suitability for this purpose, plus info about copying from /dev/random
to /dev/urandom:
https://rationalwiki.org/wiki/File:Tumbleweed.gif )
Comments?
Thanks
Jorge Almeida
Received on Tue Sep 26 2017 - 16:20:57 UTC
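
The gating described in the message above, written out in shell as an added example; it is not the poster's script. The function names, the FIFO argument and the service command are assumptions, and starting haveged is left to the init system.

```shell
#!/bin/sh
# Added example: a FIFO used as a boot-time entropy gate. Paths are
# parameters so the logic can be tried on ordinary files.

# seed_gate SRC DST FIFO
# Copy exactly 512 bytes from SRC to DST, then report on FIFO.
# With SRC=/dev/random the read is the step that can block early in boot.
# Bytes written to /dev/urandom are mixed into the pool but are not
# credited to the kernel's entropy count (random(4)).
seed_gate() {
    sg_src=$1; sg_dst=$2; sg_fifo=$3
    # bs=1 makes every record one byte, so "512+0 records out" means
    # all 512 bytes were both read and written.
    if LC_ALL=C dd if="$sg_src" of="$sg_dst" bs=1 count=512 2>&1 |
        grep -q '^512+0 records out'
    then
        echo ready > "$sg_fifo"      # blocks until a reader opens the FIFO
    else
        echo failed > "$sg_fifo"     # release the waiter instead of hanging it
        return 1
    fi
}

# wait_gate FIFO CMD [ARGS...]
# Block until seed_gate reports, then run CMD only if seeding succeeded.
wait_gate() {
    wg_fifo=$1; shift
    read -r wg_status < "$wg_fifo" || return 1
    [ "$wg_status" = ready ] || return 1
    "$@"
}

# stage1_entropy FIFO CMD [ARGS...]
# The ordering from the message, against the real devices. CMD stands for
# whatever starts the services that need /dev/urandom (hypothetical).
stage1_entropy() {
    s1_fifo=$1; shift
    mkfifo -m 600 "$s1_fifo" || return 1
    seed_gate /dev/random /dev/urandom "$s1_fifo" &
    # ... filesystem checks and other stage-1 work run here ...
    wait_gate "$s1_fifo" "$@" &
}
```

If the copy fails, the waiter is released with a non-zero status and the gated services are not started, so a broken seed step shows up as a failed start instead of a silent hang.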