dnssec-keygen not responding
lampe at hauke-lampe.de
Thu Dec 1 13:56:40 UTC 2011
Jan-Piet Mens wrote:
----- Original message -----
> Would you be willing to give us a few more details, such as the name of
> the USB random source generator (is it an Entropy Key) ?
> Of course
, if you do tell us what hardware you're using, the next thing
> will be we'll want a copy of your unofficial little daemon ... ;-)
I don't know what Mark uses but I am quite satisfied with Entropy Key's USB key with ekeyd as source and distributing entropy via VPN to remote egd clients:
Keep in mind, that while the ekey daemon goes to great lengths to protect the entropy stream on the USB interface, the egd TCP connection is not encrypted or signed in any way. A middleman can record the raw entropy stream mixed into a server's pool and maybe even replace it with a know pattern.
More information about the bind-users