[CentOS-virt] Would a hardware TRNG benefit VMs?

Tue Jul 16 16:44:35 UTC 2013
Robert Dinse <nanook at eskimo.com>

      I would second that, wish I had the knowledge to do it, but I can see a
lot of useful applications, never worry about having enough entropy for various 
encryption engines, scientific projects, etc.

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
  Eskimo North Linux Friendly Internet Access, Shell Accounts, and Hosting.
    Knowledgeable human assistance, not telephone trees or script readers.
  See our web site: http://www.eskimo.com/ (206) 812-0051 or (800) 246-6874.

On Tue, 16 Jul 2013, Digimer wrote:

> Date: Tue, 16 Jul 2013 12:20:17 -0400
> From: Digimer <lists at alteeve.ca>
> Reply-To: Discussion about the virtualization on CentOS
>     <centos-virt at centos.org>
> To: Stefano Stabellini <stefano.stabellini at eu.citrix.com>
> Cc: Discussion about the virtualization on CentOS <centos-virt at centos.org>
> Subject: Re: [CentOS-virt] Would a hardware TRNG benefit VMs?
> 
> On 16/07/13 06:30, Stefano Stabellini wrote:
>> On Mon, 15 Jul 2013, Digimer wrote:
>>> On 15/07/13 07:04, Stefano Stabellini wrote:
>>>> On Sat, 13 Jul 2013, Digimer wrote:
>>>>> Hi all,
>>>>>
>>>>>      I've been curious about using hardware true random number generators
>>>>> in my VM clusters. This got me wondering about the VM's /dev/random
>>>>> source... If I setup a hardware TRNG on the host, would the VM's also
>>>>> benefit from it?
>>>>
>>>> Xen VMs would not be able to benefit from it. I don't know about KVM.
>>>
>>> Would you be able to elaborate on why not? I know Xen and KVM differ, but this
>>> is not a topic I have seen discussed at all before, so any insight would be
>>> helpful and appreciated! :)
>>
>> Because we don't have a paravirtualized interface to export the
>> randomness to the guest.
>> It would be a nice small little project to do that though.
>>
>
> Ah, ok. I'm an admin, not a programmer, so I am not sure what would be
> needed. Given how popular VMs are now, I can imagine it would be a nice
> feature to have. If it's a "small" project, then all the better! :)
>
> Thanks!
>
> -- 
> Digimer
> Papers and Projects: https://alteeve.ca/w/
> What if the cure for cancer is trapped in the mind of a person without
> access to education?
> _______________________________________________
> CentOS-virt mailing list
> CentOS-virt at centos.org
> http://lists.centos.org/mailman/listinfo/centos-virt
>