| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1197099477.20786.149.camel@perihelion> Date: Sat, 08 Dec 2007 02:38:32 -0500 From: Jon Masters <jonathan@...masters.org> To: linux-kernel@...r.kernel.org Subject: Re: Why does reading from /dev/urandom deplete entropy so much? On Wed, 2007-12-05 at 09:49 -0500, Theodore Tso wrote: > On Wed, Dec 05, 2007 at 08:26:19AM -0600, Mike McGrath wrote: > > > > Ok, whats going on here is an issue with how the smolt RPM installs the > > UUID and how Fedora's Live CD does an install. It's a complete false alarm > > on the kernel side, sorry for the confusion. > > BTW, You may be better off using "uuidgen -t" to generate the UUID in > the smolt RPM, since that will use 12 bits of randomness from > /dev/random, plus the MAC, address and timestamp. So even if there is > zero randomness in /dev/random, and the time is January 1, 1970, at > least the MAC will contribute some uniqueness to the UUID. I haven't checked how uuidgen uses the MAC, but I would suggest that that is not something Fedora should jump at doing - although it would help ensure unique UUIDs, it also contributes to the tinfoil hat responses that usually come up with things like smolt. Jon. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists