How secure without /dev/random?

Bill Williams biwillia@cisco.com
Wed, 07 Jun 2000 10:55:49 -0400


I am trying to get a sense of how secure gpg is without
using egd.pl.  From reading between the lines, it seems
that a system without /dev/random will not have true RNG
capabilties, and therefore the encryption will be easier to
break.

My impression is that without /dev/random, gpg is not
really "enterprise" class encryption. How about adding
egd? How much does that really help?

My concern is that if I roll out gpg as an accross the
board replacement for pgp, I'd better include access to
egd or SUNWski or whatever.

Please cc me as well as the list as I haven't subscribed
yet.

--
Thanks,

-b
__________________________

Wm. Williams
Sr. Systems Administrator
Cisco Systems - RTP-IT
919-392-5724
__________________________