> ssh-keygen should just block until it gets enough - this is not acceptable
> behaviour if /dev/urandom is returning unseeded data. OpenSSL uses
> /dev/urandom at the moment - I just read a comment in md_rand.c that using
> /dev/random may block, which I didn't think was true.
> On the other hand, doing a dd if=/dev/random of=/dev/null gives me
> infinite "randomness" at 10MB/sec - have the semantics of /dev/random
> changed?

Yes; remember that what we have here is Yarrow algorithm; which is an
algorithm for cryptographically secure PRNG - one whose internal state
is unguessable, or if compromised folr some reason is self-recovering.

"Infinite" randomness is possible with this algorithm.

Mark Murray
Join the anti-SPAM movement: http://www.cauce.org

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Reply via email to