[Info-vax] SSH/SCP sessions hanging for 7 minutes while reading from "/dev/random"
Stephen Hoffman
seaohveh at hoffmanlabs.invalid
Thu Sep 30 12:26:02 EDT 2021
On 2021-09-30 05:39:35 +0000, Lawrence D’Oliveiro said:
> Lack of system entropy to keep /dev/random fed? This is why we have
> /dev/urandom, for all but the most critical uses.
Within OpenVMS, there is no pseudo-device that provides either
pseudo-random number generation or cryptographic pseudo-random number
generation.
That driver (which would be unusual on OpenVMS), and system service
APIs (which are common) have been proposed. Kernel TLS has been
proposed, too.
OpenVMS itself hasn't more generally adopted CPRNG support at its
existing APIs, with the common APIs producing PRNGs.
Reasons not to update have been found, as per usual with OpenVMS upward
compatibility.
For one of the previous discussions of OpenVMS and CPRNGs and of
seeding an entropy pool:
https://groups.google.com/g/comp.os.vms/c/BmIXV0gN3n8/m/mETohq6qAgAJ
Within recent Linux kernel versions, /dev/random and /dev/urandom are
the same underneath, neither will block post-initialization, and both
will produce the same CPRNG values.
--
Pure Personal Opinion | HoffmanLabs LLC
More information about the Info-vax
mailing list