atd and haveged daemons
The latest slackware[64]-current installs new rc.atd and rc.haveged files in /etc/rc.d which start the atd and haveged daemons respectively. These are installed as executable by default.
haveged is new. atd is not, although I am not conscious of having run the atd daemon before (possibly it ran without me noticing). I have no user packages installed which use them, so I was wondering if anyone knows whether there is anything supplied by slackware[64]-current itself which would make it desirable to start these daemons at boot-up? |
haveged is generating a secure PRG (Pseudo Random Generator) to remedy the low-entropy generated by the kernel.
|
Quote:
Is atd used by any slackware packages do you know? |
no, it provides better entropy than /dev/random i believe
atd is like cron, but only used once, not repetitive. It's provided just in case someone needs them :) |
Quote:
I don't think I will start atd. Nothing seems to use it and I certainly don't. |
Quote:
I use the at daemon a lot. Great for one-off tasks. :) Quote:
|
Quote:
|
Quote:
|
Other distros start sendmail in the background or in parallel to the rest of the boot sequence. Presumably, something that generates entropy will start to happen and allow sendmail to start. (Or other distros don't use sendmail at all; hard to say.)
|
Quote:
|
Quote:
Postfix,apache,pidgin,firefox etc. need entropy, more than it used to be a few years ago as everything uses https/tls nowerdays. Missing entropy causes delays/timeouts on secure connections and probably more problems, and i believe there's no drawback having haveged, it only feeds extra entropy if entropy runs low. In short, haveged prevents problems ;-) Johannes |
This discussion has gotten me seriously thinking about security, and how I might improve it on my own system. The addition of haveged is good, as it will increase entropy enough for the casual user. However, as a 30+ year user of computers, and having been made aware of security issues from reading about it on the web and several courses I took as a computer science major has made me hyper-aware of the issues facing computer users today. Therefore, I have opted for a hardware route, and came upon this little gem.
Personally, I like having an external hardware random number generator, and it is natively supported by the Linux kernel. Can't be too careful these days, and the cost is certainly reasonable. |
Quote:
|
All times are GMT -5. The time now is 05:23 PM. |