Re: kernel security questions

Colin Plumb (colin@nyx.net)
Mon, 16 Mar 1998 03:00:54 -0700 (MST)

Generating passwords from /dev/random can be done, but it requires a
little finesse. First of all, using /dev/urandom is usually best,
since /dev/random stops delivering when it can no longer guarantee
perfection in its output, while /dev/urandom keeps going, delivering
data that is good enough for all practical purposes.

An easy way to generate an 8-character printable ASCII password is
tr -cd '!-~' < /dev/urandom | head -8c; echo
Which, ignoring the "Broken pipe" complaints, produces such
memorable things as 2|,TQ~qU and +^_nBdid on my machine.
It's kind of wasteful to do it this way (tr -d just throws away bytes
that aren't good enough), but it works.

Really, /dev/[u]random are intended to provide *seed* material for
your own generator. 16 to 32 bytes is *plenty* for any purpose you
have in mind.

But still,
tr '\200-\377' '\0-\177' < /dev/urandom | tr -cd '!-~'

Will produce lots of ASCII gibberish. Slightly neater is
uuencode -m /dev/urandom /dev/urandom

Which has the virtue of not wasting anything.

-- 
	-Colin


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu