Merge pull request #418 from drduh/wip-12feb24

remove yubikey as rng
pull/420/head
drduh 2024-02-12 18:05:48 +00:00 committed by GitHub
commit 00708879da
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 0 additions and 11 deletions

View File

@ -20,7 +20,6 @@ To suggest an improvement, please send a pull request or open an [issue](https:/
* [macOS](#macos) * [macOS](#macos)
* [Windows](#windows) * [Windows](#windows)
- [Entropy](#entropy) - [Entropy](#entropy)
* [YubiKey](#yubikey)
* [OneRNG](#onerng) * [OneRNG](#onerng)
- [Generate keys](#generate-keys) - [Generate keys](#generate-keys)
* [Temporary working directory](#temporary-working-directory) * [Temporary working directory](#temporary-working-directory)
@ -340,16 +339,6 @@ Most operating systems use software-based pseudorandom number generators or CPU-
**Optional** A device such as [OneRNG](https://onerng.info/onerng/) may be used to [increase the speed](https://lwn.net/Articles/648550/) and possibly the quality of available entropy. **Optional** A device such as [OneRNG](https://onerng.info/onerng/) may be used to [increase the speed](https://lwn.net/Articles/648550/) and possibly the quality of available entropy.
## YubiKey
YubiKey version 5.2.3 introduced "Enhancements to OpenPGP 3.4 Support" which can gather additional entropy from YubiKey.
To seed PRNG with an additional 512 bytes retrieved from the YubiKey:
```console
echo "SCD RANDOM 512" | gpg-connect-agent | sudo tee /dev/random | hexdump -C
```
## OneRNG ## OneRNG
Configure [rng-tools](https://wiki.archlinux.org/title/Rng-tools): Configure [rng-tools](https://wiki.archlinux.org/title/Rng-tools):