1 Mar
2016
1 Mar
'16
7:12 p.m.
On 02/29/2016 02:07 PM, Warren Young wrote:
so i enacted rngd -r /dev/urandom -o /dev/random
That’s essentially bogus. If /dev/random is blocking due to insufficient entropy, feeding false entropy in from urandom buys you nothing, other than to fool /dev/random into thinking it has more entropy than it actually does.
On a typical Linux system, /dev/random and /dev/urandom get their entropy from the same source, so feeding pseudorandom numbers from one to the other is essentially lying to the kernel; it will get its revenge on you for that lie, eventually.
Indeed, the correct solution is to use /dev/urandom instead of /dev/random.