Alex Muller

Very cool.
Just spotted a post by Jan-Piet Mens about lack of entropy when generating DNS keys and it reminded me that our setup needs a bit of a tidy.

We have a dedicated $RANDOM server, it currently does nothing except serve random data. Connected to it we have 5 entropy keys, 4 via a USB hub and 1 directly attached. These feed the supplied ekeyd software with 160k/s of truly random data. This is then harvested by all our clients via EGD (entropy gathering daemon) whenever their entropy pool falls below a preconfigured level. As a result, every desktop/server has a constant stream of high quality random data. Before installation we experienced frequent hangs of processes, particularly on servers, as they waited for entropy to become available. Thankfully this problem has now completely disappeared. Entropy levels across the network are recorded by munin and alerted on by Nagios. Everything is configured through puppet, obviously. ;-)

My next job is to move these keys onto our pacemaker cluster to increase resilience. At the moment if we lost our $RANDOM our clients would fall back to their normal method of entropy collection which isn't ideal.
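
The post above mentions that entropy levels are recorded by munin and alerted on by Nagios. The following is an added example, not the author's own plugin: a Nagios-style check of the Linux kernel's entropy estimate that would catch clients falling back to local collection. The function names, thresholds and the optional file argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: Nagios-style check of the kernel entropy estimate.
# Function names, thresholds and the FILE argument are illustrative assumptions.

# is_uint VALUE: succeed only if VALUE is a non-empty string of digits.
is_uint() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
        *) return 0 ;;
    esac
}

# check_entropy WARN CRIT [FILE]
# Prints one status line with perfdata and returns the standard Nagios
# plugin codes: 0 OK, 1 WARNING, 2 CRITICAL, 3 UNKNOWN.
check_entropy() {
    warn=$1
    crit=$2
    file=${3:-/proc/sys/kernel/random/entropy_avail}

    if ! is_uint "$warn" || ! is_uint "$crit" || [ "$crit" -gt "$warn" ]; then
        echo "ENTROPY UNKNOWN - need integer thresholds with CRIT <= WARN"
        return 3
    fi
    if [ ! -r "$file" ]; then
        echo "ENTROPY UNKNOWN - cannot read $file"
        return 3
    fi
    # read fails on a file without a trailing newline but still sets avail.
    read -r avail < "$file" || true
    if ! is_uint "$avail"; then
        echo "ENTROPY UNKNOWN - unexpected content in $file"
        return 3
    fi

    # "N:" is the Nagios range syntax for "alert when the value is below N".
    perf="entropy=${avail};${warn}:;${crit}:;0"
    if [ "$avail" -lt "$crit" ]; then
        echo "ENTROPY CRITICAL - ${avail} bits available | $perf"; return 2
    elif [ "$avail" -lt "$warn" ]; then
        echo "ENTROPY WARNING - ${avail} bits available | $perf"; return 1
    fi
    echo "ENTROPY OK - ${avail} bits available | $perf"; return 0
}

# Run as a plugin only when thresholds are given: check_entropy.sh 1000 200
if [ "$#" -gt 0 ]; then check_entropy "$@"; exit $?; fi
```
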

There's something "not good" about this experience that I can't quite put my finger on. I remember Buzz doing the same thing when it launched originally.

It's something to do with long comment conversations. They feel difficult to read - I can't tell if it's a UI thing, or if it's an uncomfortable thing because I know so few of the people commenting.

Google+ has a UI that's easily as fast as Twitter (if not faster) - try navigating between post permalink and stream. And it doesn't use shitty hashbangs. Win!