aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTobias Geerinckx-Rice <me@tobias.gr>2018-10-11 00:19:13 +0200
committerTobias Geerinckx-Rice <me@tobias.gr>2018-10-15 06:19:38 +0200
commit4a147986a0839103a9c5bf1b5b74047c7d398349 (patch)
tree8328783f39d5a59612f2ccf125a935f79a4a3a30
parentdfe05297f3922a0403a9d788bc4d87502e148d87 (diff)
downloadguix-4a147986a0839103a9c5bf1b5b74047c7d398349.tar
guix-4a147986a0839103a9c5bf1b5b74047c7d398349.tar.gz
gnu: haveged: Teach the controversy.
* gnu/packages/linux.scm (haveged)[description]: Suggest adding additional entropy sources.
-rw-r--r--gnu/packages/linux.scm6
1 files changed, 5 insertions, 1 deletions
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 7aaa7fb644..79a1b0b46a 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -3760,7 +3760,11 @@ systems with high needs or limited user interaction, such as headless servers.
indirect effects of hardware events on hidden processor state using the HArdware
Volatile Entropy Gathering and Expansion (@dfn{HAVEGE}) algorithm. It tunes
itself to its environment and provides the same built-in test suite for the
-output stream as used on certified hardware security devices.")
+output stream as used on certified hardware security devices.
+
+The quality of the randomness produced by this algorithm has not been proven.
+It is recommended to run it together with another entropy source like rngd, and
+not as a replacement for it.")
(license (list (license:non-copyleft "file://nist/mconf.h")
(license:non-copyleft "file://nist/packtest.c")
license:public-domain ; nist/dfft.c