/dev/random vs. /dev/urandom and the krb5 test suite

Tom Yu tlyu at MIT.EDU
Mon Jun 22 17:03:45 EDT 2009

Sam Hartman <hartmans at MIT.EDU> writes:

>>>>>> "Greg" == Greg Hudson <ghudson at MIT.EDU> writes:
>     Greg> * There isn't much operational reason why you'd want to
>     Greg> suppress the use of /dev/random in favor of /dev/urandom for
>     Greg> all keys.  There was one report (from iastate) of a case
>     Greg> where a server was so random-starved as to be unable to
>     Greg> start kadmind, but using /dev/urandom in that case would be
>     Greg> dangerous because the amount of entropy present might be so
>     Greg> low as to be attackable.  So we are talking purely about an
>     Greg> option to be used to make the test suite friendlier to hosts
>     Greg> with limited amounts of /dev/random entropy.
> It turns out we've seen this in a number of cases in Debian.  It's
> generally acceptable to hold off starting up kadmind until the entropy
> pool fills.  However it's generally not acceptable to Debian's users
> to block the system initialization process until that happens.
> The problem was fixed by seeding the PRNG from /dev/random after
> kadmind forks.  I believe that was pushed upstream.

Do you recall the Debian or krbdev RT bug numbers?

More information about the krbdev mailing list