bet at rahul.net
Tue Apr 6 12:53:34 PDT 2004
I think you're working too hard on this.
Let compilations with ssp drain /dev/random, by way of /dev/urandom.
Yup, on that compile host there might be performance problems w/
sshd, and slightly weaker crypto on things sucking keys out of
/dev/urandom, during a compile.
But the resulting built system will have strong randomization in its
compiled code, and running it won't be sucking down entropy, only
When /dev/urandom empties /dev/random, that doesn't mean it's
suddenly weak crypto; it's still a strong PRNG with a big state and
--- here's the important bit --- a high-entropy, hard-to-guess
initial seed. Plus some infusion of occasional real entropy, makes
probably stir up the disks a bit:-).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
More information about the hlfs-dev