> This is particularly true on things like embedded routers, where the
> machine usually doesn't actually _run_ much user-level software, but is
> just shuffling packets back and forth. Your logic seems to make it not add
> any entropy from those packets, which can be _deadly_ if then the router
> is also used for occasionally generating some random numbers for other
> things.

Agreed. Further, embedded routers - since they are headless/diskless -
have problems even with the _current_ /dev/random code. They simply do
not generate enough entropy to fulfill sshd requests [1].

Saying "use /dev/urandom" in this case means we may as well not have a
/dev/random. There is a difference between incorrect accounting (which
it seems you have identified) and just too strict gathering behavior.

Robert Love

[1] This is why I wrote my netdev-random patches. Some machines just
have to take the entropy from the network card... there is nothing
else.