3

I'm interested in generating secret keys for SSL on virtual machines using true randomness. By true randomness I mean the same level of entropy that can be generated by UNIX's /dev/random and entropy gathering daemon (EGD).

Is there a "general knowledge" recipe to route entropy from the physical layer to the virtual machines via the hypervisor regardless of the Hypervisor/Guest OS combination?

Example: suppose one "hypervises" with VMware vSphere and instantiates a Windows guest OS. Can this hypervisor collect entropy from its peripherals (like /dev/random would) and distribute it to these Windows guest OSes?

When considering the big vendors (VMware, Hyper-V, Citrix, etc.), do they have entropy pools that gather entropy that can easily be pushed to their respective virtual machines?

Louis

voretaq7
Louis

1 Answer

1

I have no first-hand experience with it, but here's something that says it does it. Out of curiosity, what would you be doing with this on a Windows machine?

mfinni
  • 1
    Thanks for your input. Windows was just to illustrate. It could more likely be a Linux machine running OpenSSL. – Louis Jan 07 '11 at 08:47