Revision of scs-0101-v1-entropy (!297) · Merge requests · Sovereign Cloud Stack / standards

Kurt Garloff requested to merge scs-0100-v1-entropy-revised into main Jun 02, 2023

Created by: mbuechse

Hi everyone.

I tried to apply the structure suggested by scs-0001. Besides, I did a kinda deep dive into the topic of entropy, and I revised the draft accordingly. Please have a look.

Most important insights to me:

linux does not treat RDRAND/RDSEED like a classical hardware rng (it doesn't appear as /dev/hwrng and it's automatically part of the entropy pool)
therefore rngd is only required on the host if it does feature a true hw rng
for the same reason (namely, that linux automatically uses RDRAND), it seems to me that it's mostly up to the user's taste whether they want to use virtio-rng

edit just mention https://github.com/SovereignCloudStack/issues/issues/234 to make the connection

Revision of scs-0101-v1-entropy

Merge request reports