Wireguard and entropy


#21

Getting the thread back on topic (entropy pool slow to fill) - and /dev/random is blocking as noted by the slow start of WG by the original poster. It doesn’t just affect the AR300/MT300 devices on WG, it’s common in many other scenarios as well.

The 9531 has a HWRNG, but it’s questionable of the quality of that generator (see the OpenWRT thread mentioned below)

With devices like this, it’s going to be a bit of a challenge - as previously noted, haveged does fill the pool fairly fast (noting stated concerns about the quality of randomness generated by haveged) - OpenWRT has done some effort to improve performance there.

Good thread over on the OpenWRT forums - https://forum.openwrt.org/t/randomness-quality/2398

Included in that thread was options for a TRNG key (for the truly paranoid perhaps)

Another good read here on randomness in linux, including /dev/urandom…

https://www.2uo.de/myths-about-urandom/