2.6 Kernel and POP issues

[Robert T. Covell]

Looking over my start up scripts I found that the system is using
urandom and not random.

Should I be using the compile option: --with-egd-socket
>From the configure explanation I would not think so.

If in fact urandom is being used and the entropy pool is working would
there be anything else I can look at to gleam light on the issue?

Thanks,
-Bob

----rc.S Snippet----
# Carry an entropy pool between reboots to improve randomness.
if [ -f /etc/random-seed ]; then
  echo "Using /etc/random-seed to initialize /dev/urandom."
  cat /etc/random-seed > /dev/urandom
fi
# Use the pool size from /proc, or 512 bytes:
if [ -r /proc/sys/kernel/random/poolsize ]; then
  dd if=/dev/urandom of=/etc/random-seed count=1 bs=$(cat
/proc/sys/kernel/random/poolsize) 2> /dev/null
else
  dd if=/dev/urandom of=/etc/random-seed count=1 bs=512 2> /dev/null
fi
chmod 600 /etc/random-seed




-----Original Message-----
From: Wesley Craig [mailto:wes at umich.edu] 
Sent: Monday, November 27, 2006 6:17 PM
To: Robert T. Covell
Cc: info-cyrus at lists.andrew.cmu.edu
Subject: Re: 2.6 Kernel and POP issues

On 27 Nov 2006, at 18:20, Robert T. Covell wrote:
> Other articles I have read reference how to set it up.  My setup seems
> to be similar to what I have seen.  From the below article it is
> possible that I need to fill up the entropy pool.  Are their other  
> ways
> to do this aside from running find /.?  Or examples of how to  
> "tune" it
> (if possible).

Assuming this is the problem, the "fix" is to use /dev/urandom rather  
than /dev/random.  The difference is that /dev/urandom always returns  
bytes, whether or not there is sufficient entropy.  Another fix would  
be to run on a machine with a hardware entropy generator.

> If this turns out to be the issue does anyone know what would have
> changed from 2.4 to 2.6 (which I know is a lot), but in regards to
> entropy?

Linux 2.4 didn't have a secure /dev/random, at least not be default.   
2.6 does by default.

:wes