On 02/29/2016 02:07 PM, Warren Young wrote:
so i enacted rngd -r /dev/urandom -o /dev/random
That’s essentially bogus. If /dev/random is blocking due to insufficient
entropy, feeding false entropy in from urandom buys you nothing, other than to
fool /dev/random into thinking it has more entropy than it actually does.
On a typical Linux system, /dev/random and /dev/urandom get their entropy from
the same source, so feeding pseudorandom numbers from one to the other is
essentially lying to the kernel; it will get its revenge on you for that lie,
eventually.
Indeed, the correct solution is to use /dev/urandom instead of /dev/random.
http://www.2uo.de/myths-about-urandom/
_______________________________________________
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
