More secure random entropy pool #33
Assignees
Labels
enhancement
New feature or request
Comments
|
A section for hardware based entropy tools could be nice too for example https://www.crowdsupply.com/13-37/infinite-noise-trng |
|
@branneman Wow. That is great. I had never even considered that. Will work on adding it. Thanks! |
|
@pahakalle Now that is interesting. I'd be worried about trusting the hardware tech. I'll do some research. Thanks! |
|
Added something basic for now. I'll add more detail when I have time. |
|
Thanks again! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Thanks for this How-To guide, I'm happy this project exists!
A lot of linux servers are headless (no keyboard/mouse/monitor), and therefore have less sources for good entropy as there is no human interaction beyond ssh. There have been cases of headless servers generating predictable ssh keys after boot. [1]
Thus it can be reasoned that security can be increased by setting up additional sources for entropy. A simple
sudo apt-get install rng-toolson debian-based distro's already adds value, but there might be more tools available.I suggest adding this as a section to the guide.
Sources:
The text was updated successfully, but these errors were encountered: