[Whonix-devel] PRNGD questions

Patrick Schleizer adrelanos at riseup.net
Sat Feb 1 14:43:38 CET 2020


Hello,

as a maintainer of Whonix, a privacy / security focused Linux
distribution (derivative of Debian) I am interested in PRNGD - Pseudo
Random Number Generator Daemon.

http://prngd.sourceforge.net

Does use of PRNGD still make sense nowadays on Linux with /dev/random?
You might say, /dev/random provides good entropy. Right. However, we are
looking for additional sources of entropy. For that purpose we are using
haveged and jitterentropy_rng but wouldn't like to add add additional
sources. Ideally those not reliant on the CPU.

Can PRNGD output a stream of random output on the console? If yes, we
could invent a simple wrapper around it and redirect/write it to
/dev/random?

(I don't worry about updating the entropy counters using RNDADDENTROPY.
Thanks to haveged and jitterentropy_rng these counters are always very
high anyhow with no observed case of /dev/random starvation ever yet.
The main point here is to improve entropy quality in case other sources
are later found out to be less random than anticipated. Performance
isn't a concern here.)

Trying to verify PRNGD.

gpg --verify prngd-0.9.9.tar.gz.sig
gpg: keybox '/home/user/.gnupg/pubring.kbx' created
gpg: assuming signed data in 'prngd-0.9.9.tar.gz'
gpg: Signature made Mon 26 Feb 2001 12:20:08 PM EST
gpg:                using RSA key 78993B149C58A66D
gpg: Can't check signature: No public key

Could you please let me know where to acquire key 78993B149C58A66D since
keyservers are unreliable nowadays.

cc'd whonix-devel public mailing list so all our readers can benefit
from you reply.

Kind regards,
Patrick


More information about the Whonix-devel mailing list