dnssec-keygen not responding
Michael Graff
mgraff at isc.org
Thu Dec 1 17:56:12 UTC 2011
I'm using an Araneus Alea I, from http://www.araneus.fi/products-alea-eng.html. I'm sure others would work as well. I know the creator of this device personally though, so it's the one sticking out of the back of the box I own. :)
As for the daemon, well, I may have to find the time to clean it up. :)
Basically, I map the USB dongle into one VM I use for "control stuff" that doesn't run anything else, and is running a scaled down NetBSD install under VMWare. The daemon accepts connections over TCP, and sends chunks of randomness to whoever asks, as much as they request, when it is available.
The receiver then encrypts the data with a 128-bit key to scramble it further, and feeds it into the system's random pool. From there on, /dev/random just works. It basically attempts to keep the random pool full, so while /dev/random may block, it won't do so for very long. I believe the daemon checks once every 100ms or so.
--Michael
On Dec 1, 2011, at 5:17 AM, Jan-Piet Mens wrote:
> On Wed Nov 30 2011 at 20:45:30 CET, Michael Graff wrote:
>
>> For my VM environment, I bought a USB random source, and share it
>> across the VMs with a little daemon I wrote.
>
> Would you be willing to give us a few more details, such as the name of
> the USB random source generator (is it an Entropy Key) ?
>
> Of course, if you do tell us what hardware you're using, the next thing
> will be we'll want a copy of your unofficial little daemon ... ;-)
>
> Regards,
>
> -JP
More information about the bind-users
mailing list