[Fwd: Re: FreeBSD Security Advisory FreeBSD-SA-03:12.openssh]
David G. Andersen
danderse at cs.utah.edu
Thu Sep 18 18:36:37 PDT 2003
Devon H. O'Dell just mooed:
>
> If I'm not mistaken, /dev/random is a pseudo-random generator, which
> means it has a certain period before it begins to repeat numbers (along
> with that it just isn't truly random). So, please correct me if I'm
> wrong, but doesn't this mean that when reading from /dev/random, you're
> 'losing' randomness/entropy/whatever you're calling it?
You're mistaken. /dev/random stops feeding you random bits
when it doesn't have enough. /dev/urandom depletes the entropy
pool, but when it starts to run out, it falls back to hashing
to generate pseudo-random sequences from the random bits that
it can obtain.
-Dave
--
work: dga at lcs.mit.edu me: dga at pobox.com
MIT Laboratory for Computer Science http://www.angio.net/
I do not accept unsolicited commercial email. Do not spam me.
More information about the freebsd-security
mailing list