[strongSwan] Regarding Key Generation in strongswan 4.2.8

Andreas Steffen andreas.steffen at strongswan.org
Sun Sep 7 19:13:41 CEST 2014

Hi Rakshesh,

by default strongSwan is using its random plugin to get random
material from the Linux /dev/urandom device. Depending on the system
setup, multiple random sources are feeding into the Linux entropy pool.
You have to check on your system which entropy sources are available.

Best regards


On 09/07/2014 04:38 PM, Bhatt, Rakshesh 1. (NSN - IN/Bangalore) wrote:
> Hi,
> We are using strongswan version 4.2.8. My question is : Is system time /
> clock-source one of the inputs for the algorithm that generates Child SA
> and IKE keys?
> Regards,
> Rakshesh

Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution!          www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4255 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20140907/62f48cee/attachment.bin>

More information about the Users mailing list