Re: PV random device

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Andy Smith <andy@strugglers.net>
To: Sarah Newman <srn@prgmr.com>
Cc: xen-devel <xen-devel@lists.xenproject.org>
Subject: Re: PV random device
Date: Tue, 6 Oct 2015 04:29:07 +0000	[thread overview]
Message-ID: <20151006042904.GJ4243@bitfolk.com> (raw)
In-Reply-To: <56134A3F.3090809@prgmr.com>

Hi Sarah,

On Mon, Oct 05, 2015 at 09:12:47PM -0700, Sarah Newman wrote:
> On 10/05/2015 08:35 PM, Andy Smith wrote:
> > So, I've been keeping (PV) domUs topped up with entropy by giving
> > them access to hardware RNGs (initially Entropy Keys, but since the
> > company making them failed I've switched to OneRNGs).
> 
> This is not a satisfactory solution for us because even if we were
> willing to do USB passthrough, the number of hardware devices
> needed would be expensive and difficult to manage.

I don't find it a problem as:

- Your typical EntropyKey or OneRNG can generate quite a bit of
  entropy. Maybe 32 kilobytes per second for ~$50 each.

- You can access them over the network so no USB passthrough needed.

- Making it opt-in means only people who actually know and care what
  entropy is will use it. :)

So for me it's a somewhat hacky but still scalable solution. My main
concern is that it's going to some length to provide a service that
isn't actually required.

Cheers,
Andy

-- 
> I'd be interested to hear any (even two word) reviews of their sofas…
Provides seating.
 — Andy Davidson

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

next prev parent reply	other threads:[~2015-10-06  4:29 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-10-06  1:33 PV random device Sarah Newman
2015-10-06  3:35 ` Andy Smith
2015-10-06  4:12   ` Sarah Newman
2015-10-06  4:29     ` Andy Smith [this message]
2015-10-06  4:34       ` Sarah Newman
2015-10-06  4:50       ` Steven Haigh
2015-10-06  5:18         ` Andy Smith
2015-10-06  7:40           ` Sarah Newman
2015-10-06  9:15 ` Ian Campbell

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20151006042904.GJ4243@bitfolk.com \
    --to=andy@strugglers.net \
    --cc=srn@prgmr.com \
    --cc=xen-devel@lists.xenproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.