Antoine Pitrou <[email protected]> added the comment:
>From the /dev/urandom Linux man page:
If you are unsure about whether you should use /dev/random or
/dev/urandom, then probably you want to use the latter. As a general
rule, /dev/urandom should be used for everything except long-lived
GPG/SSL/SSH keys.
If a seed file is saved across reboots as recommended below (all major
Linux distributions have done this since 2000 at least), the output is
cryptographically secure against attackers without local root access as
soon as it is reloaded in the boot sequence, and perfectly adequate for
network encryption session keys.
So, yes, /dev/urandom is suitable for most cryptographic purposes (except
long-lived private keys).
----------
nosy: +pitrou
_______________________________________
Python tracker <[email protected]>
<http://bugs.python.org/issue15206>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
