There are a few block and character devices available on Linux that will also help you with security. The two devices /dev/random and /dev/urandom are provided by the kernel to supply random data at any time.

Both /dev/random and /dev/urandom should be secure enough to use in generating PGP keys, ssh challenges, and other applications where secure random numbers are required. Attackers should be unable to predict the next number given any initial sequence of numbers from these sources. A lot of effort has been put into ensuring that the numbers you get from these sources are random in every sense of the word.

The only difference between the two devices is that /dev/random runs out of random bytes and makes you wait for more to be accumulated. Note that on some systems it can block for a long time waiting for new user-generated entropy to be entered into the system, so take care before using /dev/random. (Perhaps the best thing to do is to use it when you're generating sensitive keying information, and to tell the user to pound on the keyboard repeatedly until you print out "OK, enough".)

/dev/random is high-quality entropy, generated from measuring the inter-interrupt times and similar sources. It blocks until enough bits of random data are available.

/dev/urandom is similar, but when the store of entropy is running low it returns a cryptographically strong hash of what there is. This isn't as secure, but it's enough for most applications.
You might read from the devices using something like:

root# head -c 6 /dev/urandom | mimencode

This reads six random bytes and prints them as eight base64 characters on the console, suitable for password generation. You can find mimencode in the metamail package.

See /usr/src/linux/drivers/char/random.c for a description of the algorithm.
Thanks to Theodore Y. Ts'o, Jon Lewis, and others from Linux-kernel for helping me (Dave) with this.