Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#43079 - How secure is haveged?
Attached to Project:
Arch Linux
Opened by Tomas Mudrunka (harvie) - Thursday, 11 December 2014, 17:09 GMT
Last edited by Doug Newgard (Scimmia) - Thursday, 11 December 2014, 17:40 GMT
Opened by Tomas Mudrunka (harvie) - Thursday, 11 December 2014, 17:09 GMT
Last edited by Doug Newgard (Scimmia) - Thursday, 11 December 2014, 17:40 GMT
|
DetailsThere have been general reccomendation to use haveged:
https://www.archlinux.org/news/gnupg-21-and-the-pacman-keyring/ I just wonder how secure it is. Can we tell that it's really good idea to use haveged on servers where we need to consider security? It's good that keys are generated faster, so we can get better latency on TLS, etc... But what are the security risks of using haveged? |
This task depends upon
Closed by Doug Newgard (Scimmia)
Thursday, 11 December 2014, 17:40 GMT
Reason for closing: Not a bug
Thursday, 11 December 2014, 17:40 GMT
Reason for closing: Not a bug
Comment by Johannes Löthberg (demize) -
Thursday, 11 December 2014, 17:11 GMT
Well, a good start is looking upstream. (<http://www.issihosts.com/haveged/>)
Comment by Doug Newgard (Scimmia) -
Thursday, 11 December 2014, 17:40 GMT
Questions like this should be in the forum or a mailing list, not the bug tracker.