Is /dev/random really my problem?
Sebastian Hagedorn
Hagedorn at uni-koeln.de
Mon Apr 7 05:01:01 EDT 2003
--On Montag, 7. April 2003 1:42 Uhr -0700 Christopher Smith <x at xman.org>
wrote:
> On Mon, 2003-04-07 at 00:54, Sebastian Hagedorn wrote:
>> Given this data, is it at all conceivable that /dev/random is really the
>> issue here? If it isn't, what would be the best way to debug this? I
>> tried using strace, but wasn't really sure *what* to strace.
>
> Server's tend not to have much entropy unless you give it to them. A lot
> of it depends on how your /dev/random is set up. Are you using egd or
> something similar? I myself have patched my Linux kernel so that it
> takes entropy from network devices as well as the usual sources. This
> seems to have helped significantly, even if it does somewhat reduce the
> security of the system.
Thanks for your reply. So you're saying that even so few users could cause
the server to run out of entropy?
I haven't done anything to /dev/random, it's out of the box. I always
thought the point of /dev/random was that you didn't have to run egd.
Patching the kernel is not an option. I'd prefer to use /dev/urandom
instead. I still wonder why POP seems to be unaffected and why "cat
/dev/random" doesn't block ...
Cheers, Sebastian Hagedorn
--
Sebastian Hagedorn M.A. - RZKR-R1 (Gebäude 52), Zimmer 18
Zentrum für angewandte Informatik - Universitätsweiter Service RRZK
Universität zu Köln / Cologne University - Tel. +49-221-478-5587
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
Url : https://lists.andrew.cmu.edu/mailman/private/info-cyrus/attachments/20030407/d6deba89/attachment.bin
More information about the Info-cyrus
mailing list