[gnutls-dev] Feature request: not really random session keys

Werner Koch wk at gnupg.org
Thu Jan 19 09:48:48 CET 2006

On Wed, 18 Jan 2006 14:19:59 +0100, Nikos Mavrogiannopoulos said:

> Indeed and /dev/urandom is adequate for this kind of keys. Only
> for long-lived keys such as the private keys /dev/random is used.

Said hundreds of times over the years: /dev/urandom drains the same
entropy people as /dev/random does.  It just does not block but falls
back into a PRNG.  Other applications in need for some bytes out of
/dev/randomj might then stall forever.



More information about the Gnutls-devel mailing list