Is /dev/random really my problem?

Sebastian Hagedorn Hagedorn at uni-koeln.de
Mon Apr 7 05:01:01 EDT 2003


--On Montag, 7. April 2003 1:42 Uhr -0700 Christopher Smith <x at xman.org> 
wrote:

> On Mon, 2003-04-07 at 00:54, Sebastian Hagedorn wrote:
>> Given this data, is it at all conceivable that /dev/random is really the
>> issue here? If it isn't, what would be the best way to debug this? I
>> tried  using strace, but wasn't really sure *what* to strace.
>
> Server's tend not to have much entropy unless you give it to them. A lot
> of it depends on how your /dev/random is set up. Are you using egd or
> something similar? I myself have patched my Linux kernel so that it
> takes entropy from network devices as well as the usual sources. This
> seems to have helped significantly, even if it does somewhat reduce the
> security of the system.

Thanks for your reply. So you're saying that even so few users could cause 
the server to run out of entropy?

I haven't done anything to /dev/random, it's out of the box. I always 
thought the point of /dev/random was that you didn't have to run egd. 
Patching the kernel is not an option. I'd prefer to use /dev/urandom 
instead. I still wonder why POP seems to be unaffected and why "cat 
/dev/random" doesn't block ...

Cheers, Sebastian Hagedorn
--
Sebastian Hagedorn M.A. - RZKR-R1 (Gebäude 52), Zimmer 18
Zentrum für angewandte Informatik - Universitätsweiter Service RRZK
Universität zu Köln / Cologne University - Tel. +49-221-478-5587
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
Url : https://lists.andrew.cmu.edu/mailman/private/info-cyrus/attachments/20030407/d6deba89/attachment.bin


More information about the Info-cyrus mailing list