On Fri, Aug 16, 2013 at 3:32 PM, shawn wilson <ag4ve...@gmail.com> wrote:
> I thought that decent crypto programs (openssh, openssl, tls suites)
> should read from random so they stay secure and don't start generating
> /insecure/ data when entropy runs low.

Depends on the operating system.

> The only way I could see this
> as being a smart thing to do is if these programs also looked at how
> much entropy the kernel had and stopped when it got ~50 or so. Is this
> the way things are done when these programs use urandom or what?

On Linux, programs generating long-term keys should read from /dev/random (which may block). On FreeBSD /dev/random and /dev/urandom are identical.

--
Eitan Adler
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography