Menu

#8 Lack of entropy - empty /dev/random

open
Dan Aloni
None
5
2004-05-30
2004-04-01
Marti
No

This is not exactly a bug, but a big misfeature.
Since coLinux doesn't collect entropy, the entropy pool is
constantly empty, which is the cause of /dev/random
being empty. Applications that rely on it will just freeze
don't work. I think coLinux should use some legacy
methods for entropy collection, or at least temporarily
provide urandom or other sources.

Discussion

  • Nobody/Anonymous

    Nobody/Anonymous - 2004-04-10

    Logged In: NO

    There seems to be similar issue in UML too. Agree with you
    that it is quite a bit misfeature.

     

  • Dan Aloni

    Dan Aloni - 2004-05-30
    • assigned_to: nobody --> da-x
     

  • piyo

    piyo - 2004-09-03

    Logged In: YES
    user_id=3562

    According to the wiki's page "RandomNotes" (http://www.colinux.org/wiki/index.php/RandomNotes), you can work around this bug/misfeature by typing something in the ftlk console. This will serve as the entropy source for a little while at least.

    For example when using Subversion and committing a source change (svn commit), you may need to do this workaround for about 5 seconds. (Monkeys to typewriters: start!)

    Why can't colinux collect entropy from the network as a stop-gap feature? I have heard that collecting entropy from the network is not random enough (or a security problem), though.

     

  • Marius Huse Jacobsen

    Marius Huse Jacobsen - 2004-09-12

    Logged In: YES
    user_id=206105

    In many cases, it's better that it remains 'unsolved' - for
    things like crypto, it's 'not sending' versus 'sending weakly
    encrypted'. If your life depends on the confidentiality of a
    message, you'd prefer it not being sent.

     

  • Mark Bulas

    Mark Bulas - 2005-04-29

    Logged In: YES
    user_id=493291

    This is a huge issue for me as well. I've actually resorted
    to doing the following on my coLinux installation:

    mv /dev/random /dev/random.orig
    ln /dev/urandom /dev/random

    ...as this appears to be the only way to get any kind of
    random-number stuff out of the system. May not be very
    random, so you can't trust this for any kind of real
    cryptographic security, but at least programs that rely upon
    /dev/random (Subversion, et al) will now work without manual
    intervention.

     

  • GingGangGoolies

    GingGangGoolies - 2006-08-16

    Logged In: YES
    user_id=1233451

    While this doesn't resolve the issue it is a "quick fix"
    that may go some way to alleviating the noted problem:

    * Create a link from /dev/urandom to /dev/random

     

  • Henry N.

    Henry N. - 2007-09-24

    Logged In: YES
    user_id=579204
    Originator: NO

    The branch devel (from snapshot) with kernel 2.6.22 uses Networking interrupts for entropy. That is not the best, but better as blocking.

     

  • Nobody/Anonymous

    Nobody/Anonymous - 2008-08-28

    Logged In: NO

    $ equery uses apr
    [ Found these USE variables for dev-libs/apr-1.3.2 ]
    + + urandom : Use /dev/urandom instead of /dev/random

    it's lucky that i'm using gentoo so i can use urandom for it so my subversion works "just fine". good to know i can "Create a link from /dev/urandom to /dev/random" to slow problems beside apr. but if the entropy is not enough, it's unsecure.

     
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.