forked from idkwim/entropybroker
-
Notifications
You must be signed in to change notification settings - Fork 0
/
entropy_broker.conf
97 lines (88 loc) · 3.18 KB
/
entropy_broker.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
# $Revision$
# each pool is 4Kb (512 bytes)
max_number_of_mem_pools = 512
# maximum number of files in cache-dir (see Makefile)
# a file can contain 1 or more pools
max_number_of_disk_pools = 256
# if the number of full memory pools is reached, try to store
# at least 'min_store_on_disk_n' pools in a disk-file
# if the maximum number of files in the cache-dir is reached,
# no new files are created and the new data is mixed into the
# existing memory pools
min_store_on_disk_n = 5
# network parameters
# to what network interface to bind. use 0.0.0.0 to listen to
# all network interfaces
listen_adapter = 0.0.0.0
listen_port = 55225
# don't change this one:
listen_queue_size = 5
# for lower latency
disable_nagle = 0
enable_keepalive = 1
ping_interval = 299
# default pool size
# if disk-pools are different in size, then the size of that disk-pool is used(!)
# so this setting is for new pools
pool_size_in_bytes = 2048
# default maximum bps, can also set the third field in
# the users.txt to a per-user value
default_max_get_bps = 4096
# how many bits may be put/get in one go
# do not change this after clients/servers have connected
max_get_put_size = 32768
## the following two settings are for the pool management
# aes, 3des, camellia or blowfish
stirrer_type = aes
# md5, ripemd160, whirlpool or sha512
hash_type = sha512
## the following three settings are for the network protocol encryption
# encryption method
stream_cipher = 3des
# hash to verify if the data did not get altered
mac_hasher = md5
#mac_hasher = sha512
# hash to use during authentication handshake
hash_hasher = sha512
#hash_hasher = ripemd160
# with what algorithm must the broker estimate the information
# amount in the data. can be either shannon or compression.
# compression is slower, shannon is more conservative
bitcount_estimator = shannon
# mostly used for client statistics
reset_counters_interval = 60
# how often to emit statistics
statistics_interval = 300
# how often to ask a client how full it's kernel pool is
kernelpool_filled_interval = 3600
# to what file to write statistics to
# needs a full path
# stats_file =
communication_timeout = 15
communication_session_timeout = 3600
default_sleep_time_when_pools_full = 10
default_sleep_when_pools_empty = 16
default_max_sleep_when_pools_empty = 60
# how many bits a client may retrieve per interval, not used currently
default_max_bits_per_interval = 16000000
# see http://en.wikipedia.org/wiki/FIPS_140
ignore_rngtest_fips140 = 1
# calc. the serial correlation coefficient?
ignore_rngtest_scc = 1
# thrwshold at which the data will fail
scc_threshold = 0.2
# an event is a request coming in
allow_event_entropy_addition = 1
# might improve the randomness at cost of more cputime
add_entropy_even_if_all_full = 0
# if the pools are empty, behave like a prng
allow_prng = 0
# when the pools are all full, allow every x seconds
# to stir new entropy data in them
when_pools_full_allow_submit_interval = 15
# this password-file must be given to the client/server processes using the -X parameter
users = users.txt
# set port to -1 to disable
webserver_interface = 0.0.0.0
webserver_port = 48923
# graph_font = /usr/share/fonts/truetype/freefont/FreeMono.ttf