choosing another random number generator
Chuck Swiger
cswiger at mac.com
Thu Jun 10 19:39:51 GMT 2004
Holger Eitzenberger wrote:
> using FBSD 4.9 I want to choose another RNG, because I have to
> following line in the logs when starting IPSec:
>
> WARNING: pseudo-random number generator used for IPsec processing
>
> Against popular believe[1] the Handbook or the random(4) manpage
> does not mention how to switch to another RNG.
>
> I have set the variable $rand_irqs accordingly.
Consider getting something like:
http://www.soekris.com/vpn1401.htm
...which will provide you with a hardware-based RNG. You'll need to enable
some options in the kernel to use it (search for HIFN in LINT)...
--
-Chuck
More information about the freebsd-net
mailing list