[tor-relays] Using /dev/hwrng

Imse Vimse gvs2nlhkzmemgjnx9ngmaqqg at gmail.com
Sat Mar 14 17:53:05 UTC 2015

On rapsberry pi you need to manually activate loading module bcm2708-rng,
or so I have read, to enable the HW-support. I have not actually verified
the current state or tested it on my relays. The nodes are headless and
normally outside my firewall so it's a bit of work to do the maintenance.
But I wanted to get some confirmation that it is useful to do it.

It could be fun to make some benchmarking to see if I can increase
performance on the same hardware.

How do I examine the output of 'openssl' that too is a bit of unknown
territory for me?

2015-03-13 21:39 GMT+01:00 Libertas <libertas at mykolab.com>:

> On Thu, Mar 12, 2015 at 07:01:58PM +0100, Imse Vimse wrote:
> >    Would enabling the hardware random number generator on a relay node be
> >    usefull in terms of increased performance?
> >    If so, is it enough to activate /dev/hwrnd or is some configuration
> >    and/or recompilation required?
> I suspect that your OS already does this by mixing it into its entropy
> store, but that Tor using the device directly would be dangerous.
> I'm not sure how relevant the HardareAccel config option is, but you
> might want to look into that. Also look at the output of 'openssl
> engine' to see whether OpenSSL recognizes the rdrand engine as
> available.
> I don't know much about this, but I thought I'd give you some leads.
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20150314/eab9799a/attachment.html>

More information about the tor-relays mailing list