Re: lack of boot-time entropy on arm64 ec2 instances

To: debian-cloud@lists.debian.org
Subject: Re: lack of boot-time entropy on arm64 ec2 instances
From: Luca Filipozzi <lfilipoz@emyr.net>
Date: Thu, 9 Jan 2020 00:41:28 +0000
Message-id: <[🔎] 20200109004128.klwpvpmhmrnejq4y@snafu.emyr.net>
In-reply-to: <[🔎] 20200108212935.GF31539@morgul.net>
References: <[🔎] 20200108194813.GD31539@morgul.net> <[🔎] 20200108201713.bltwcjzo6d5doerb@snafu.emyr.net> <[🔎] 20200108212935.GF31539@morgul.net>

On Wed, Jan 08, 2020 at 04:29:35PM -0500, Noah Meyerhans wrote:
> If the kernel team is supportive of the
> EFI_RNG+CONFIG_RANDOM_TRUST_BOOTLOADER approach, would folks be in
> favor of enabling haveged temporarily, until kernel support is
> available, or is it better to avoid it completely?

I prefer passing through hrng but would find haveged acceptable. Other
distros ship with haveged enabled for the same reason as we are debating
here.

Ted provides another viewpoint in a separate reply to this thread that
also merits consideration.

-- 
Luca Filipozzi

Reply to:

Follow-Ups:
- Re: lack of boot-time entropy on arm64 ec2 instances
  - From: Luca Filipozzi <lfilipoz@emyr.net>

References:
- lack of boot-time entropy on arm64 ec2 instances
  - From: Noah Meyerhans <noahm@debian.org>
- Re: lack of boot-time entropy on arm64 ec2 instances
  - From: Luca Filipozzi <lfilipoz@emyr.net>
- Re: lack of boot-time entropy on arm64 ec2 instances
  - From: Noah Meyerhans <noahm@debian.org>

Prev by Date: Re: lack of boot-time entropy on arm64 ec2 instances
Next by Date: Re: lack of boot-time entropy on arm64 ec2 instances
Previous by thread: Re: lack of boot-time entropy on arm64 ec2 instances
Next by thread: Re: lack of boot-time entropy on arm64 ec2 instances
Index(es):
- Date
- Thread