FS#43079 : How secure is haveged?

FS#43079 - How secure is haveged?

Attached to Project: Arch Linux
Opened by Tomas Mudrunka (harvie) - Thursday, 11 December 2014, 17:09 GMT
Last edited by Doug Newgard (Scimmia) - Thursday, 11 December 2014, 17:40 GMT

Task Type	General Gripe
Category	Packages: Extra
Status	Closed
Assigned To	No-one
Architecture	All
Severity	Very Low
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	1 Tomas Mudrunka (harvie) (2014-12-11)
Private	No

Details

There have been general reccomendation to use haveged:
https://www.archlinux.org/news/gnupg-21-and-the-pacman-keyring/

I just wonder how secure it is. Can we tell that it's really good idea to use haveged on servers where we need to consider security? It's good that keys are generated faster, so we can get better latency on TLS, etc... But what are the security risks of using haveged?

This task depends upon

Closed by Doug Newgard (Scimmia)
Thursday, 11 December 2014, 17:40 GMT
Reason for closing: Not a bug

Comment by Johannes Löthberg (demize) - Thursday, 11 December 2014, 17:11 GMT

Well, a good start is looking upstream. (<http://www.issihosts.com/haveged/>)

Comment by Doug Newgard (Scimmia) - Thursday, 11 December 2014, 17:40 GMT

Questions like this should be in the forum or a mailing list, not the bug tracker.

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#43079 - How secure is haveged?

Details

Loading...