[Ach] removed outdated info on Linux RNG / haveged

Aaron Zauner azet at azet.org
Mon May 8 05:21:23 CEST 2017


With regard to haveged and other "entropy daemons":

* Aaron Zauner <azet at azet.org> [08/05/2017 05:13:20] wrote:
> it now says:
> ```
>    Usage
>        The /dev/random interface is considered a legacy interface, and
>        /dev/urandom is preferred and sufficient in all use cases, with the
>        exception of applications which require randomness during early boot
>        time; for these applications, getrandom(2) must be used instead,
>        because it will block until the entropy pool is initialized.
> 
>        If a seed file is saved across reboots as recommended below (all
>        major Linux distributions have done this since 2000 at least), the
>        output is cryptographically secure against attackers without local
>        root access as soon as it is reloaded in the boot sequence, and
>        perfectly adequate for network encryption session keys.  Since reads
>        from /dev/random may block, users will usually want to open it in
>        nonblocking mode (or perform a read with timeout), and provide some
>        sort of user notification if the desired entropy is not immediately
>        available.
> ```

Additionally:

```
Writing to /dev/random or /dev/urandom will update the entropy pool
with the data written, but this will not result in a higher entropy
count.  This means that it will impact the contents read from both
files, but it will not make reads from /dev/random faster.
```

Aaron
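
Added example (not part of the original message or of the man page): a C sketch of the two behaviours quoted above, drawing key material with getrandom(2) so that an uninitialized pool is detected rather than silently read, and writing bytes to /dev/urandom, which mixes them in without raising the entropy count. The function names `fill_random` and `mix_into_pool` are hypothetical, the seed string is constructed, and `<sys/random.h>` assumes glibc 2.25 or later.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/random.h>   /* getrandom(2) wrapper; assumes glibc >= 2.25 */
#include <unistd.h>

/* Hypothetical helper: fill buf with len bytes from the kernel CSPRNG.
 * flags = 0             block until the pool is initialized (early boot)
 * flags = GRND_NONBLOCK fail with errno == EAGAIN instead of blocking
 * Returns 0 on success, -1 on error with errno set. */
int fill_random(unsigned char *buf, size_t len, unsigned int flags)
{
    size_t done = 0;
    while (done < len) {
        ssize_t n = getrandom(buf + done, len - done, flags);
        if (n < 0) {
            if (errno == EINTR)
                continue;      /* interrupted by a signal: retry */
            return -1;         /* e.g. EAGAIN: pool not initialized yet */
        }
        done += (size_t)n;     /* large requests may return short */
    }
    return 0;
}

/* Hypothetical helper: write data to /dev/urandom. Per the man page text
 * quoted above, the bytes update the pool but the entropy count does not
 * rise. Returns the number of bytes written, or -1 on error. */
ssize_t mix_into_pool(const void *data, size_t len)
{
    int fd = open("/dev/urandom", O_WRONLY);
    if (fd < 0)
        return -1;
    ssize_t n = write(fd, data, len);
    close(fd);
    return n;
}

int main(void)
{
    unsigned char key[32];
    static const char seed[] = "constructed sample seed bytes";

    if (fill_random(key, sizeof key, GRND_NONBLOCK) != 0) {
        perror("getrandom (EAGAIN means the pool is not initialized yet)");
        return 1;
    }
    printf("key ready; mixed %zd bytes\n", mix_into_pool(seed, sizeof seed - 1));
    return 0;
}
```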