Subject: Re: /dev/random without random sources blocking forever?
To: None <tech-kern@netbsd.org>
From: Christos Zoulas <christos@astron.com>
List: tech-kern
Date: 08/21/2006 23:21:31
In article <20060821203839.GC18185@netbsd.org>,
Bill Studenmund <wrstuden@netbsd.org> wrote:
>On Mon, Aug 21, 2006 at 01:20:59PM -0700, Garrett D'Amore wrote:
>> Jorge Acereda Maciá wrote:
>> > Hi,
>> >
>> > I've noticed that reading from /dev/random without attaching a random
>> > source (or specifying only a source of type RND_TYPE_NET) blocks
>> > forever. Is this the intended behaviour?
>> >
>> > I'm running -current for ofppc which ATM doesn't attach any random
>> > sources.
>>
>> Yes, without random sources, you can't get any entropy bits. Solution
>> is to add sources for entropy. Alternatively, use /dev/urandom which
>> gives back data without blocking, but might not be cryptographically robust.
>
>If you don't have ANY entropy sources, wouldn't it be better to error out
>on the read? Yes, if you don't have any entropy sources, you shouldn't use
>/dev/random. But "Don't do that" seems a better response than blocking
>forever.
How about /dev/urandom?
christos
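
An added example, not part of the original thread: one way for an application to get an error instead of hanging when /dev/random has nothing to give is to open it non-blocking and bound each wait with poll(2). The helper name `read_entropy` and the 2-second timeout are hypothetical, and the sketch assumes the device honours O_NONBLOCK and poll(2).

```c
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <stddef.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical helper: read exactly len bytes from fd, waiting at most
 * timeout_ms for each chunk. Returns 0 on success, -1 on I/O error or EOF,
 * -2 if nothing became readable within the timeout. */
int read_entropy(int fd, unsigned char *buf, size_t len, int timeout_ms)
{
    size_t got = 0;

    while (got < len) {
        struct pollfd pfd = { .fd = fd, .events = POLLIN };
        int r = poll(&pfd, 1, timeout_ms);

        if (r == 0)
            return -2;          /* no entropy arrived: fail instead of hanging */
        if (r < 0) {
            if (errno == EINTR)
                continue;       /* interrupted by a signal, wait again */
            return -1;
        }
        ssize_t n = read(fd, buf + got, len - got);
        if (n > 0)
            got += (size_t)n;   /* short reads are normal, keep going */
        else if (n == 0)
            return -1;          /* EOF: the source went away */
        else if (errno != EAGAIN && errno != EINTR)
            return -1;
    }
    return 0;
}

int main(void)
{
    unsigned char key[16];
    int fd = open("/dev/random", O_RDONLY | O_NONBLOCK);

    if (fd < 0) { perror("open /dev/random"); return 1; }
    int rc = read_entropy(fd, key, sizeof key, 2000);
    close(fd);
    if (rc == -2)
        fprintf(stderr, "no entropy within 2 s; is any rnd source attached?\n");
    return rc == 0 ? 0 : 1;
}
```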