On Thu, Jul 11, 2019 at 05:12:03PM +0300, Reco wrote:
> On Thu, Jul 11, 2019 at 12:03:53PM +0000, Andy Smith wrote:
> > I think the wiki article at
> > https://wiki.debian.org/BoottimeEntropyStarvation really shows that
> > currently there is no such consensus available, as every solution
> > listed (except buying extra entropy hardware)
> That one is bad too.
> Hardware random generator is not used by kernel directly, it requires
> userspace program (such as hwrngd).
> So, even if you put it into initrd alongside with the needed kernel
> modules, there's still a noticeable delay between 'kernel rng is needed'
> and 'sufficient entropy is available'.

With no modifications and RDRAND instruction disabled, a Debian
buster VM I just created gets to crng: done in 49 seconds. By adding
the userspace daemon for EntropyKey, it gets there in 10 seconds.
Allowing RDRAND it gets there in 2 seconds.

I haven't tested it with my OneRNG devices yet.

I suspect I could also make the EntropyKey daemon start sooner if I


