If I recall correctly, at one point, the network interface was used as a source of entropy. Then someone demonstrated that sending the right sequence of network packets to a machine would let you control the key that got generated. So they removed it.

Then folks discovered -- in production -- that some cloud computing environments just don't get any other new entropy after boot, and so instances would hang on generating SSH host keys.

Some folks went to /dev/urandom. Other folks decided to seed instances with entropy from another computer (with fancy names like "cloud entropy service"). And then someone had to decide how that machine gets entropy (like plugging in an FM radio into the mic jack).
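The failure mode the comment above describes (a fresh instance hanging at first boot while something like ssh-keygen waits on a blocking random device) can be probed without ever blocking. The following is an added example, not code from the commenter or from any project mentioned here. It assumes a Linux kernel that exposes getrandom(2) and /proc/sys/kernel/random/entropy_avail; the function names are my own. getrandom with GRND_NONBLOCK fails with EAGAIN only while the kernel pool is still unseeded, which is exactly the state an entropy-starved cloud instance sits in, so it doubles as a readiness check and as a way to time out instead of hanging:

```python
import os
import time

# Linux-only kernel counter; the file simply does not exist elsewhere.
ENTROPY_AVAIL = "/proc/sys/kernel/random/entropy_avail"


def entropy_avail():
    """Return the kernel's entropy estimate, or None where the counter is absent."""
    try:
        with open(ENTROPY_AVAIL) as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return None


def pool_ready() -> bool:
    """True once the kernel CSPRNG has been seeded; never blocks.

    getrandom(2) with GRND_NONBLOCK raises BlockingIOError (EAGAIN) only while
    the pool is still uninitialised, i.e. the early-boot state in which a
    blocking /dev/random read would hang.
    """
    if not hasattr(os, "getrandom"):
        # Assumption: platforms without getrandom(2) (macOS, the BSDs) seed
        # their CSPRNG before userspace runs, so treat them as ready.
        return True
    try:
        os.getrandom(1, os.GRND_NONBLOCK)
        return True
    except BlockingIOError:
        return False


def random_bytes_or_timeout(n: int, timeout: float = 5.0, poll: float = 0.05) -> bytes:
    """Read n bytes of seeded randomness, giving up with TimeoutError instead of
    hanging forever the way a first-boot host-key generation did on a
    blocking device. Once pool_ready() is True, os.urandom() cannot block.
    """
    deadline = time.monotonic() + timeout
    while not pool_ready():
        if time.monotonic() >= deadline:
            raise TimeoutError(
                "kernel RNG not seeded after %.1fs (entropy_avail=%s)"
                % (timeout, entropy_avail())
            )
        time.sleep(poll)
    return os.urandom(n)


def read_dev_urandom(n: int) -> bytes:
    """The 'just use /dev/urandom' route from the comment: the device never
    blocks, but read before the pool is seeded it returns output derived from
    almost no entropy, which is how weak first-boot host keys happen.
    Prefer waiting via pool_ready() before generating long-lived keys.
    """
    with open("/dev/urandom", "rb") as f:
        return f.read(n)


if __name__ == "__main__":
    print("pool ready:", pool_ready(), "entropy_avail:", entropy_avail())
    print("32 seeded bytes:", random_bytes_or_timeout(32).hex())
```

On a long-running machine pool_ready() is immediately True; the interesting run is inside an init script on a freshly booted VM, where a False result followed by a TimeoutError is the signal that the instance needs a seed from outside (virtio-rng, a seed file carried over from the image builder, or a jitter-based daemon) rather than a longer wait.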



> some cloud computing environments just don't get any other new entropy after boot

For environments like that, I think Haveged is the general approach these days. Latest dev code (revived project) is now here:

https://github.com/jirka-h/haveged

It's the (officially blessed, I think) continuation from the original Haveged:

http://www.issihosts.com/haveged/



