Date: Sat, 28 Dec 2002 13:32:41 -0800 From: Tim Kientzle <kientzle@acm.org> To: Mike Silbersack <silby@silby.com> Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: Can dhclient rely on /dev/random? Message-ID: <3E0E1879.6090801@acm.org> References: <3E0E02F3.6030205@acm.org> <20021228150348.Y10588-100000@patrocles.silby.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Mike Silbersack wrote: > On Sat, 28 Dec 2002, Tim Kientzle wrote: >>Technical Question: is /dev/random sufficient >>for the cryptographic requirements of programs >>like dhclient, bind, etc? > > Yes. > > The only problem is that /dev/urandom and /dev/random might be too slow ... I've clocked /dev/random on -current at just about 10MB/s (on a 1GHz AMD Duron). That's plenty fast enough for generating session keys. ;-) > ... you may even want to use > /dev/urandom under 4.x, although it's nowhere near as good as the > /dev/(u)random on 5.x. If this code is just used for generating occasional keys, 4.x's /dev/random may well suffice. As I dig deeper, though, I'm starting to suspect that this code isn't actually used by dhclient at all. That would suggest a much simpler fix... ;-) Tim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3E0E1879.6090801>