[Opendnssec-user] ods-signerd calling vmstat?!?
Rickard Bellgrim
rickard at opendnssec.org
Mon Sep 2 12:52:04 UTC 2013
> I didn't find build instructions to say "use local entropy devices/daemons
> whenever available" let alone "require their service at startup". What a
> pitty -- it sounds like they leave it to SoftHSM to do this work, even if
> the OS has proper sources of entropy.
>
Botan do try to use e.g. /dev/random, /dev/srandom,
/dev/urandom, /var/run/egd-pool, /dev/egd-pool before trying the unix
commands. (Botan 1.11 will do EGD after the unix commands)
http://botan.randombit.net/doxygen/global__rng_8cpp_source.html#l00065
If we would add entropy sources directly in SoftHSM, I think would do
similar to how Botan is doing it. So it is much better to leave it to
Botan. Just that we verify the build flags.
// Rickard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20130902/ec54c923/attachment.htm>
More information about the Opendnssec-user
mailing list