In Linux, just how random is /dev/urandom/
? Is it considered safe?
Also is it possible to get a stream of 1's?
In Linux, just how random is /dev/urandom/
? Is it considered safe?
Also is it possible to get a stream of 1's?
Please check the man page:
Yarrow is a fairly resilient algorithm, and is believed to be resistant
to non-root. The quality of its output is however dependent on regular
addition of appropriate entropy. If the SecurityServer system daemon
fails for any reason, output quality will suffer over time without any
explicit indication from the random device itself.
Paranoid programmers can counteract this risk somewhat by collecting
entropy of their choice (e.g. from keystroke or mouse timings) and seed-
ing it into random directly before obtaining important random numbers.
If you're generating cryptographic keys on Linux, you want /dev/random
, even if it blocks-- you don't need that many bits.
For just about anything else, like generating random test data or unpredictable session IDs, /dev/urandom
is fine. There are enough sources of entropy in most systems (timing of keyboard and mouse events, network packets, etc) that the output will be unpredictable.