26 Apr
2010
26 Apr
'10
7:43 a.m.
Hi Andy,
Thanks for the detailed response.
Unless you get entropy from somewhere else, the lack
of real
hardware devices means a lack of entropy which means things which
require a lot of entropy like setting up SSL connections under GNU
TLS may be slow. If you can't get enough entropy then yes, forcing
things to use /dev/urandom when they really wanted /dev/random might
be your only option.
The entropy keys sound very interesting, however it's probably
sufficient for my purposes to just link random->urandom (that's not an
open invitation for you all to attempt to compromise my box ;-)).
I found an article which gives the necessary udev runes here:
http://n0tablog.wordpress.com/2007/11/24/running-out-of-entropy-in-debian-e…
(otherwise a manual symlink will be lost on reboot).
I don't think many people verify certificates for
SMTP, not between
themselves and third parties anyway.
Cool...
Thanks for your help
Matt.