Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- Unix PuTTY random number source
- Theo Markettos
November 10, 2003, 9:06 pm
rate this thread
something I'm puzzled about.
In the Windows version, PuTTY does things like grab mouse movement, battery
status etc to acquire entropy mainly because Windows doesn't have a
centralised random number generator.
However Unix does (/dev/random or /dev/urandom), but PuTTY seems to almost
ignore it. It still does things like reading /proc and reading the system
time to gain entropy.
What's the rationale behind this? OK, some Unices might not have
/dev/*random, but there are other methods to provide them. I can understand
this is a problem if PuTTY wants to have the 'just copy the binary'
installation method as on Windows, but it doesn't even try to use /dev other
than in initialisation. If I have a hardware randomness source which I
attach to /dev/*random, it seems like PuTTY ignores it and relies on
primarily the system time for its entropy. Does anyone know why?
Re: Unix PuTTY random number source
I'm not ignoring it: I read a reasonable chunk out of /dev/urandom
at startup. But I didn't want to read /dev/urandom on a _regular_
basis, because reading from /dev/urandom depletes /dev/random. I
wouldn't want to get the blame for other users' key generation
processes, with a genuine need to read from the blocking
/dev/random, not being able to get hold of the randomness they need
quickly because I've been antisocially draining the pool.
Ideally /dev/urandom _shouldn't_ deplete /dev/random, and if this
were reliably the case then I would cheerfully be reading a few
bytes from it in each of noise_get_light() and noise_regular().
Simon Tatham "The difference between theory and practice is
- » OpenSSH 3.7.1p2, password authentication method, and PAM
- — Next thread in » Secure Shell Forum
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum