Re: no entropy and no output at /dev/random (quick question)

From: Javier Villavicencio
Date: Tue Nov 30 2004 - 11:53:28 EST


Horst von Brand wrote:

daw@xxxxxxxxxxxxxxxxxxxxxxxx (David Wagner) said:

Javier Villavicencio wrote:

it's encouraged to use /dev/urandom instead of /dev/random?


Yes, for almost all purposes, applications should use /dev/urandom,
not /dev/random. (The names for these devices are unfortunate.)


To seed a random number generator, never directly.


Sadly, many applications fail to follow these rules, and consequently
/dev/random's entropy pool often ends up getting depleted much faster
than it has to be.


Reading /dev/urandom depletes exactly the same pool, it just doesn't block
when the pool is empty. As said pool has other uses, indiscriminate reading
of either can DoS other parts of the system.

But why if /dev/random depletes and you don't have any source of entropy? As you may have seen in my setup, I had no mouse/keyboard attached to that server, and the only "things" capable of generating entropy were the two NICs and the DAC960.
So I've enabled entropy only for the local NIC and the DAC960 (at least "I think", for the DAC :+) and now I have plenty of entropy, but for a setup like this, the server may have been running without entropy at all for weeks (I forgot to check the uptime :+P).
About this, think about PHP generating session_id()s without entropy (o_O), and stuff like that...

Salu2.

Javier Villavicencio.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
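
A check for the situation described in this thread (a headless server whose pool sits empty unnoticed), as an added example that is not part of the original messages: it reads the kernel's `entropy_avail` counter and probes whether a read from a device completes within a timeout. `RANDOM_SYSCTL_DIR`, the function names and the 256-bit default threshold are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the thread. RANDOM_SYSCTL_DIR is an override
# invented here so the check can be pointed at constructed files.
RANDOM_SYSCTL_DIR="${RANDOM_SYSCTL_DIR:-/proc/sys/kernel/random}"

# entropy_check [MIN_BITS]
# Prints "<state> <entropy_avail>/<poolsize>" and returns
# 0 (ok), 1 (below MIN_BITS) or 2 (counter missing or not a number).
entropy_check() {
    min_bits="${1:-256}"    # assumed threshold, tune per system
    avail_file="$RANDOM_SYSCTL_DIR/entropy_avail"
    if [ ! -r "$avail_file" ]; then
        echo "unknown"
        return 2
    fi
    avail=$(cat "$avail_file")
    pool=$(cat "$RANDOM_SYSCTL_DIR/poolsize" 2>/dev/null || echo "?")
    case "$avail" in
        ''|*[!0-9]*) echo "unknown"; return 2 ;;
    esac
    if [ "$avail" -lt "$min_bits" ]; then
        echo "low $avail/$pool"
        return 1
    fi
    echo "ok $avail/$pool"
}

# random_read_ok DEVICE SECONDS
# Returns 0 if 16 bytes can be read from DEVICE within SECONDS, non-zero
# if the read fails or is still blocked when the timeout expires.
random_read_ok() {
    timeout "$2" head -c 16 "$1" >/dev/null 2>&1
}

# When run with an argument (sh entropy_check.sh 256), report on this host.
if [ $# -gt 0 ]; then
    entropy_check "$1"
fi
```

Called from cron or a monitoring probe, the return code of `entropy_check` separates a low pool from an unreadable counter, and `random_read_ok /dev/random 2` shows whether readers of the blocking device are currently stalled.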