[Info-vax] SSH/SCP sessions hanging for 7 minutes while reading from "/dev/random"
Lawrence D’Oliveiro
lawrencedo99 at gmail.com
Sun Oct 3 19:00:48 EDT 2021
On Friday, October 1, 2021 at 2:03:24 PM UTC+13, Stephen Hoffman wrote:
> On 2021-10-01 00:53:39 +0000, Lawrence D’Oliveiro said:
>
> > On Friday, October 1, 2021 at 5:26:04 AM UTC+13, Stephen Hoffman wrote:
>>
>>> Within recent Linux kernel versions, /dev/random and /dev/urandom are
>>> the same underneath, neither will block post-initialization, and both
>>> will produce the same CPRNG values.
>>
>> Not a chance.
>
> https://lore.kernel.org/lkml/20200131204...@mit.edu/
>
> "Change /dev/random so that it uses the CRNG and only blocking if the
> CRNG hasn't initialized, instead of the old blocking pool. Also clean
> up archrandom.h, and some other miscellaneous cleanups."
Just to be clear, the crucial difference between /dev/random and /dev/urandom is that the former will only ever return real entropy, and will block when it runs out, while the latter will start returning a merely pseudorandom number sequence. That is never going to change.
If you don’t believe me, check the source code for yourself <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/char/random.c>. Note the difference between the “random_read” and “urandom_read” routines.
More information about the Info-vax
mailing list