Is /dev/random really my problem?

Christopher Smith x at xman.org
Mon Apr 7 05:12:55 EDT 2003


On Mon, 2003-04-07 at 02:01, Sebastian Hagedorn wrote:
> --On Monday, 7 April 2003 1:42 -0700 Christopher Smith <x at xman.org> 
> wrote:
> Thanks for your reply. So you're saying that even so few users could cause 
> the server to run out of entropy?

Yup, to a large degree it doesn't matter how fast you drain the bucket
if nothing gets put back in. ;-)

> I haven't done anything to /dev/random, it's out of the box. I always 
> thought the point of /dev/random was that you didn't have to run egd. 

Yes, with Linux you don't need egd for a typical workstation; I just
wasn't sure what platform you were on.

> Patching the kernel is not an option. I'd prefer to use /dev/urandom 
> instead. I still wonder why POP seems to be unaffected and why "cat 
> /dev/random" doesn't block ...

Normally, POP users aren't authenticating using CRAM-MD5, which I
suspect is the SASL module which is using /dev/random. You may want to
look at ways to add entropy to /dev/random rather than switching to
/dev/urandom; however, if it's not an option, it's not an option.

--Chris
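
An added diagnostic sketch, not part of the original message or of Cyrus/SASL: it does a non-blocking read to show whether a blocking reader of a random device would stall, and reads the Linux entropy estimate. The function names and the FIFO used as a constructed stand-in for a drained pool are assumptions made for illustration.

```python
import os
import tempfile

ENTROPY_AVAIL = "/proc/sys/kernel/random/entropy_avail"  # Linux-specific path

def entropy_estimate(path=ENTROPY_AVAIL):
    """Return the kernel's entropy estimate in bits, or None if unavailable."""
    try:
        with open(path) as fh:
            return int(fh.read().strip())
    except (OSError, ValueError):
        return None

def probe(device, want=16):
    """Non-blocking read of `want` bytes; returns (bytes_read, would_block).

    would_block=True marks the point where a blocking reader (for example
    an authentication plugin) would hang until the pool is refilled.
    """
    fd = os.open(device, os.O_RDONLY | os.O_NONBLOCK)
    try:
        return len(os.read(fd, want)), False
    except BlockingIOError:
        return 0, True
    finally:
        os.close(fd)

def simulate_drained_pool():
    """Constructed stand-in: a FIFO with a writer attached but no data yet."""
    tmp = tempfile.mkdtemp()
    fifo = os.path.join(tmp, "fake_random")
    os.mkfifo(fifo)
    rd = os.open(fifo, os.O_RDONLY | os.O_NONBLOCK)  # lets the writer open
    wr = os.open(fifo, os.O_WRONLY)
    try:
        empty = probe(fifo)            # nothing in the bucket: would block
        os.write(wr, b"\x00" * 4)      # a little input arrives
        refilled = probe(fifo)         # short read: only 4 of 16 bytes
        return empty, refilled
    finally:
        os.close(rd)
        os.close(wr)
        os.remove(fifo)
        os.rmdir(tmp)

if __name__ == "__main__":
    print("entropy_avail:", entropy_estimate())
    for dev in ("/dev/random", "/dev/urandom"):
        print(dev, probe(dev))
    print("simulated:", simulate_drained_pool())
```

The short read in the simulated case is also why a single `cat` can appear to work: it prints whatever is available and then waits, while a caller that needs a fixed number of bytes stalls.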



