On Thu, 14 Jan 2021, Manuel Bouyer wrote:
And what about systems that don't have a /dev/audio (or system that have play-only /dev/audio) ?
Is this OK (or, it is hopelessly insecure)?: 1. Use environment (keyb. delay, mouse, ...) to seed the libc PRNG. 2. Use the PRNG values to pick out random bits from a truely random file. The random file is generated anew each time an distrib. image is built. If one needs 256 bits to seed /dev/random, then a 32K random file should suffice. The other alternative is the user mashing the keyboard and moving a mouse for a few minutes. -RVP
