On Thu, May 13, 2004 at 03:29:48PM -0400, Adam Voigt wrote: > I'm not sure how they did it, but I once saw someone setup a radio > which was tuned to a frequency without a station, and it digitized > the static and used that. Or something along those lines anyway. Sources of entropy don't have to be completely random (mouse movements clearly are not), they just have to be not entirely predictable. Putting inter-station static into a sound card, doing some data massaging, and feeding that into the entropy pool, can work. But it probably isn't necessary. Be sure you have some entropy at the beginning of time (have someone use the mouse for some portion of the installation, say), and then add entropy from as many of the devices in /dev that might have any randomness in timing variations, and you should be OK. Essentially what happens when you ask for random numbers is the entropy pool is used as the seed for a really high quality pseudo random number generator. If the entropy pool ever gets one good dose of random data, it is likely good forever. To be extra safe any new entropy is used to stir the pool. If the new data doesn't really have any entropy in it, it doesn't hurt, it is only used to stir the old entropy, not replace it. -kb
