Mike Silbersack wrote:
On Sat, 28 Dec 2002, Tim Kientzle wrote:
Technical Question: is /dev/random sufficient
for the cryptographic requirements of programs
like dhclient, bind, etc?
Yes.
The only problem is that /dev/urandom and /dev/random might be too slow ...
I've clocked /dev/random on -current at
just about 10MB/s (on a 1GHz AMD Duron). That's
plenty fast enough for generating session keys. ;-)
... you may even want to use
/dev/urandom under 4.x, although it's nowhere near as good as the
/dev/(u)random on 5.x.
If this code is just used for generating occasional
keys, 4.x's /dev/random may well suffice. As I
dig deeper, though, I'm starting to suspect that
this code isn't actually used by dhclient at all.
That would suggest a much simpler fix... ;-)
Tim
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
