Is /dev/random really my problem?
x at xman.org
Mon Apr 7 05:12:55 EDT 2003
On Mon, 2003-04-07 at 02:01, Sebastian Hagedorn wrote:
> --On Montag, 7. April 2003 1:42 Uhr -0700 Christopher Smith <x at xman.org>
> Thanks for your reply. So you're saying that even so few users could cause
> the server to run out of entropy?
Yup, to a large degree it doesn't matter how fast you drain the bucket
if nothing gets put back in. ;-)
> I haven't done anything to /dev/random, it's out of the box. I always
> thought the point of /dev/random was that you didn't have to run egd.
Yes with Linux, you don't need egd for a typical workstation, I just
wasn't sure what platform you were on.
> Patching the kernel is not an option. I'd prefer to use /dev/urandom
> instead. I still wonder why POP seems to be unaffected and why "cat
> /dev/random" doesn't block ...
Normally, POP users aren't authenticating using CRAM-MD5, which I
suspect is the SASL module which is using /dev/random. You may want to
look at ways to add entropy to /dev/random rather than switching to
/dev/urandom, however, if it's not an option, it's not an option.
More information about the Info-cyrus