rng-tools / rng-utils / core functionality vs extras ?
Paul Wouters
paul at xelerance.com
Wed Oct 11 14:44:19 UTC 2006
Hi,
There was some discussion (caused by me) on hardware RNG and /dev/random and
/dev/hw* devices. The conclusion seems to be that the only "valid" way of
using hardware random is by using "rngd" to feed /dev/hw* random into
/dev/random, but only after FIPS checking, which is done by rngd. This check
is essential since the /dev/hw* devices can return very non-random data, so
these devices should never be used directly. (openswan 2.4.7 will no longer
access those devivces directly)
Since I did not find an rng-tools package, I created one for extras, uploaded
at ftp://ftp.xelerance.com/rng-tools/
Then I found that rng-utils exist, which seems to be based on the same source,
but it has no initscripts at all to launch "rngd" at boot.
The question now is, do I submit the initscripts extension as bug to rng-utils,
or do I submit an rng-tools package that "obsoletes" rng-utils?
Personally, I think this functionality should be in core (and the service pref
should be called rngd, not rng-utils). But if rng-utils will not be extended
with initscripts, I'd want to have something in Extras that does have a init
script.
Again, any system with a hardware RNG should be running this daemon or else
it will not be able to use hardware RNG at all.
Paul
More information about the fedora-extras-list
mailing list