[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: lack of boot-time entropy on arm64 ec2 instances

On Wed, Jan 08, 2020 at 04:29:35PM -0500, Noah Meyerhans wrote:
> If the kernel team is supportive of the
> EFI_RNG+CONFIG_RANDOM_TRUST_BOOTLOADER approach, would folks be in
> favor of enabling haveged temporarily, until kernel support is
> available, or is it better to avoid it completely?

I prefer passing through hrng but would find haveged acceptable. Other
distros ship with haveged enabled for the same reason as we are debating

Ted provides another viewpoint in a separate reply to this thread that
also merits consideration.

Luca Filipozzi

Reply to: