Message164212
From the /dev/urandom Linux man page:
If you are unsure about whether you should use /dev/random or
/dev/urandom, then probably you want to use the latter. As a general
rule, /dev/urandom should be used for everything except long-lived
GPG/SSL/SSH keys.
If a seed file is saved across reboots as recommended below (all major
Linux distributions have done this since 2000 at least), the output is
cryptographically secure against attackers without local root access as
soon as it is reloaded in the boot sequence, and perfectly adequate for
network encryption session keys.
So, yes, /dev/urandom is suitable for most cryptographic purposes (except long-lived private keys). |
|
Date |
User |
Action |
Args |
2012-06-27 23:29:30 | pitrou | set | recipients:
+ pitrou, loewis, rhettinger, vstinner, christian.heimes, Arfrever |
2012-06-27 23:29:29 | pitrou | set | messageid: <1340839769.89.0.355134147182.issue15206@psf.upfronthosting.co.za> |
2012-06-27 23:29:29 | pitrou | link | issue15206 messages |
2012-06-27 23:29:28 | pitrou | create | |
|