On Vi, 16 oct 20, 12:28:13, Jesper Dybdal wrote: > The Buster release notes warn about a possibly insufficient entropy source > during boot and recommends installing "haveged" on systems with that > problem. > > I run a few Stretch systems on old processors that do not support the RDRAND > instruction. > > Can I simply install "haveged" on the Stretch systems *before* the upgrade > to Buster to avoid problems during the upgrade? Short version: I wouldn't bother unless it's a problem in practice. Long version: In my understanding using haveged is less secure than "real" entropy. The lack of entropy is mostly an issue for systems you access via SSH with very few other things "going on". E.g. a PINE A64 did exhibit some problems with a minimal buster install and no or very limited connections. They disappeared as soon as I connected more stuff to it (ethernet, USB HDD rack, etc.) because the kernel can use any kind of activity as a source of entropy. If you have local access to the system simply pressing keys on the keyboard will provide entropy and eventually allow the system to reach the login prompt. Kind regards, Andrei -- http://wiki.debian.org/FAQsFromDebianUser
Attachment:
signature.asc
Description: PGP signature