Removing the Linux /dev/random blocking pool
Posted Jan 7, 2020 13:45 UTC (Tue) by kooky (subscriber, #92468)
Parent article: Removing the Linux /dev/random blocking pool
In my current job (system admin, database programmer), I've had so many problems over the years caused by /dev/random blocking. From CGI-type programs which became fork rate limited, to java/tomcat not starting on virtual machines.
I solved the problem years ago by installing Entropykeys in every machine. Now I do the same with chaoskeys.
I'm not even sure if chaoskeys will actually do anything useful under the new system?
Posted Jan 7, 2020 19:14 UTC (Tue) by nix (subscriber, #2304)
They're still mixing more entropy in, even if the kernel no longer bothers to block reads if there is insufficient entropy (after initialization). (AIUI, it can still block *additions* of entropy when there *is* believed to be sufficient entropy in the pool, so things like the chaoskey don't needlessly eat CPU time throwing entropy into the pool when it already probably has lots and nobody's using any of it.)