Re: Handling of entropy during boot
On Mon, Jan 14, 2019 at 12:55:09PM +0100, Marco d'Itri wrote:
Agreed. I think that d-i should install rngd (or haveged? And why?) if
it detects a virtualized environment without virtio-rng.
Unless the cpu supports rdrand/rdseed, installing rng-tools5 won't
really change anything. If it does support those, it probably makes more
sense going forward to just enable CONFIG_RANDOM_TRUST_CPU rather than
installing another package.
As far as haveged, it's not clear how much better that is than the old
practice of having rngd read from /dev/urandom.