poor entropy performance
|Reported by:||Tsso||Owned by:|
|Guest type:||other||Host type:||all|
Many cryptographic operations depend on entropy. Having too few entropy available results in slow cryptographic operations. (https, gpg, etc.)
A simple test in Virtual Box with Debian Linux guest (rng-tools package) takes ages.
cat /dev/random | rngtest -c 100
Installing packages for entropy collection, such as haveged and/or randomsound, will astronomically speed up this test.
Since the packages depend on hardware and Virtual Box implements only virtual hardware, it's impossible to know if these packages would actually improve or worsen security (entropy quality).
There is no information about this topic available on virtualbox.org.
(Security aspects when not extra package for entropy collection is installed have their own ticket #11296.)