/dev/random vs. /dev/urandom and the krb5 test suite
Tom Yu
tlyu at MIT.EDU
Thu Jun 18 14:35:52 EDT 2009
Sam Hartman <hartmans at MIT.EDU> writes:
> So, during normal operation I would not expect Kerberos to use
> /dev/random much.
> I'd expect it to get used at
>
> * kadmind startup
> * kdb5_util usage
> * possibly (but probably not) krb5kdc
By inspection, only these files contain calls to
krb5_c_random_os_entropy with the "strong" argument set to 1:
kadmin/dbutil/kdb5_create.c
kadmin/server/ovsec_kadmd.c
> The idea is that long-term cryptographic keys such as TGT keys and
> service keys should use /dev/random to initialize the PRNG. I would
> not expect the KDC or clients to use /dev/random during normal
> operation nor would I expect startup of KDC and kadmind to use
> non-constant data from /dev/random.
>
> So, if you do create a krb5.conf option, I think having big warning
> flags would be entirely appropriate. I don't think you should ever
> need that option in a production environment.
I agree.
More information about the krbdev
mailing list