>> On 24 Jul 2020, at 09:33, Jeffrey Walton <[email protected]> wrote: >> >> On Fri, Jul 24, 2020 at 4:28 AM peter garner <[email protected]> wrote: >> I've used my OneRNG v3.0 external device to recreate my SSH moduli and >> am now looking to recreate my wireguard keys. >> According to the Wireguard docs it uses /dev/urandom: >> https://gist.github.com/rmoriz/58f1768218a4fbc4b318615bfb85111d >> fd = open("/dev/urandom", O_RDONLY); >> if (fd < 0) >> return fd; >> ret = read(fd, out, len); >> close(fd); > > Unrelated, the kernel-crypto folks recommend using /dev/urandom. > Wiregaurd is following best practices. Also see > https://lkml.org/lkml/2017/7/20/993. > > Jeff
Thanks Jeff - all is now clear (that link helped as well). I've been doing some additional research and everything makes sense.
