mirror of https://github.com/mkerrisk/man-pages
random.4: ffix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
11bda44143
commit
2d444feb01
|
@ -44,14 +44,14 @@ interface which requires no special files;
|
|||
see the
|
||||
.BR getrandom (2)
|
||||
manual page for details.
|
||||
|
||||
.PP
|
||||
When read, the
|
||||
.I /dev/urandom
|
||||
device returns random bytes using a pseudorandom
|
||||
number generator seeded from the entropy pool.
|
||||
Reads from this device do not block (i.e., the CPU is not yielded),
|
||||
but can incur an appreciable delay when requesting large amounts of data.
|
||||
|
||||
.PP
|
||||
When read during early boot time,
|
||||
.IR /dev/urandom
|
||||
may return data prior to the entropy pool being initialized.
|
||||
|
@ -60,7 +60,7 @@ may return data prior to the entropy pool being initialized.
|
|||
If this is of concern in your application, use
|
||||
.BR getrandom (2)
|
||||
or \fI/dev/random\fP instead.
|
||||
|
||||
.PP
|
||||
The \fI/dev/random\fP device is a legacy interface which dates back to
|
||||
a time where the cryptographic primitives used in the implementation
|
||||
of \fI/dev/urandom\fP were not widely trusted.
|
||||
|
@ -68,7 +68,7 @@ It will return random bytes only within the estimated number of
|
|||
bits of fresh noise in the entropy pool, blocking if necessary.
|
||||
\fI/dev/random\fP is suitable for applications that need
|
||||
high quality randomness, and can afford indeterminate delays.
|
||||
|
||||
.PP
|
||||
When the entropy pool is empty, reads from \fI/dev/random\fP will block
|
||||
until additional environmental noise is gathered.
|
||||
If
|
||||
|
@ -87,7 +87,7 @@ will return -1 and
|
|||
.I errno
|
||||
will be set to
|
||||
.BR EAGAIN .
|
||||
|
||||
.PP
|
||||
The
|
||||
.B O_NONBLOCK
|
||||
flag has no effect when opening
|
||||
|
@ -102,7 +102,7 @@ Reads with a buffer over this limit may return less than the
|
|||
requested number of bytes or fail with the error
|
||||
.BR EINTR ,
|
||||
if interrupted by a signal handler.
|
||||
|
||||
.PP
|
||||
Since Linux 3.16,
|
||||
.\" commit 79a8468747c5f95ed3d5ce8376a3e82e0c5857fc
|
||||
a
|
||||
|
@ -117,7 +117,7 @@ from
|
|||
will return at most 512 bytes
|
||||
.\" SEC_XFER_SIZE in drivers/char/random.c
|
||||
(340 bytes on Linux kernels before version 2.6.12).
|
||||
|
||||
.PP
|
||||
Writing to \fI/dev/random\fP or \fI/dev/urandom\fP will update the
|
||||
entropy pool with the data written, but this will not result in a
|
||||
higher entropy count.
|
||||
|
@ -135,7 +135,7 @@ these applications,
|
|||
.BR getrandom (2)
|
||||
must be used instead,
|
||||
because it will block until the entropy pool is initialized.
|
||||
|
||||
.PP
|
||||
If a seed file is saved across reboots as recommended below (all major
|
||||
Linux distributions have done this since 2000 at least), the output is
|
||||
cryptographically secure against attackers without local root access as
|
||||
|
@ -152,13 +152,13 @@ entropy is not immediately available.
|
|||
If your system does not have
|
||||
\fI/dev/random\fP and \fI/dev/urandom\fP created already, they
|
||||
can be created with the following commands:
|
||||
|
||||
.PP
|
||||
.nf
|
||||
mknod \-m 666 /dev/random c 1 8
|
||||
mknod \-m 666 /dev/urandom c 1 9
|
||||
chown root:root /dev/random /dev/urandom
|
||||
.fi
|
||||
|
||||
.PP
|
||||
When a Linux system starts up without much operator interaction,
|
||||
the entropy pool may be in a fairly predictable state.
|
||||
This reduces the actual amount of noise in the entropy pool
|
||||
|
@ -167,7 +167,7 @@ In order to counteract this effect, it helps to carry
|
|||
entropy pool information across shut-downs and start-ups.
|
||||
To do this, add the lines to an appropriate script
|
||||
which is run during the Linux system start-up sequence:
|
||||
|
||||
.PP
|
||||
.nf
|
||||
echo "Initializing random number generator..."
|
||||
random_seed=/var/run/random-seed
|
||||
|
@ -184,10 +184,10 @@ which is run during the Linux system start-up sequence:
|
|||
bytes=$(expr $bits / 8)
|
||||
dd if=/dev/urandom of=$random_seed count=1 bs=$bytes
|
||||
.fi
|
||||
|
||||
.PP
|
||||
Also, add the following lines in an appropriate script which is
|
||||
run during the Linux system shutdown:
|
||||
|
||||
.PP
|
||||
.nf
|
||||
# Carry a random seed from shut-down to start-up
|
||||
# Save the whole entropy pool
|
||||
|
@ -200,7 +200,7 @@ run during the Linux system shutdown:
|
|||
bytes=$(expr $bits / 8)
|
||||
dd if=/dev/urandom of=$random_seed count=1 bs=$bytes
|
||||
.fi
|
||||
|
||||
.PP
|
||||
In the above examples, we assume Linux 2.6.0 or later, where
|
||||
.IR /proc/sys/kernel/random/poolsize
|
||||
returns the size of the entropy pool in bits (see below).
|
||||
|
@ -331,5 +331,5 @@ may return data prior to the entropy pool being initialized.
|
|||
.BR mknod (1),
|
||||
.BR getrandom (2),
|
||||
.BR random (7)
|
||||
|
||||
.PP
|
||||
RFC\ 1750, "Randomness Recommendations for Security"
|
||||
|
|
Loading…
Reference in New Issue