[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: fix for no ssh

On Mon, Jul 08, 2019 at 02:40:16PM -0000, Curt wrote:
> Earlier I thought bullseye was some sort of idiom for Buster going live.
> Color me ignorant. 

Bullseye will be the next version of Debian after buster, probably in
2-3 years.  Cue the confusion about two similar-looking release names
back to back.

> So Debian Buster, as it now stands and I understand it, trusts in the
> correctness of the hardware random number generator, as well as in the
> absence of any back door that might compromise it, universally and
> without qualification, of every Debian Buster user's x86 cpu (default
> kernel command line CONFIG_RANDOM_TRUST_CPU), in the name of security.
> That's a safer solution than installing haveged? 

I don't have any opinions at this time about the trustworthiness of
various x86 CPU RDRAND instructions, but...

What on earth happened to simply saving entropy on disk across reboots?
Why isn't there an option simply to do that?  I get that it may be an
issue for certain kinds of virtual machines, but I give less than one
crap about virtual machines.  Can I get the previous sensible behavior
as an option for my physical machines?

Reply to: