dnssec-keygen not responding
Paul Wouters
paul at xelerance.com
Thu Dec 1 03:29:50 UTC 2011
On Wed, 30 Nov 2011, Michael Graff wrote:
> On Nov 30, 2011, at 3:01 AM, Torsten Segner wrote:
>> In RHEL there is a RPM package called unuran.
>> It's a random number generator daemon using either a piece of hardware or /dev/urandom as source. Running this will provide enough entropy to create lots of keys.
>
> I'd be rather wary of keys made from /dev/urandom but I am often times a paranoid security freak.
>
> For my VM environment, I bought a USB random source, and share it across the VMs with a little daemon I wrote. Of course, you could just map the RNG into the VM you need too, and even move it around.
For KVM, the whole virtio was supposed to have fixed this. I've asked related developers since
the xen2 days for feeding host /dev/random into the guest. It's still failing everywhere :(
Paul
More information about the bind-users
mailing list