From: SourceForge.net <no...@so...> - 2008-08-28 02:21:45
|
Bugs item #927741, was opened at 2004-04-01 19:05 Message generated for change (Comment added) made by nobody You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=622063&aid=927741&group_id=98788 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: Marti (sipsick) Assigned to: Dan Aloni (da-x) Summary: Lack of entropy - empty /dev/random Initial Comment: This is not exactly a bug, but a big misfeature. Since coLinux doesn't collect entropy, the entropy pool is constantly empty, which is the cause of /dev/random being empty. Applications that rely on it will just freeze don't work. I think coLinux should use some legacy methods for entropy collection, or at least temporarily provide urandom or other sources. ---------------------------------------------------------------------- Comment By: Nobody/Anonymous (nobody) Date: 2008-08-28 02:21 Message: Logged In: NO $ equery uses apr [ Found these USE variables for dev-libs/apr-1.3.2 ] + + urandom : Use /dev/urandom instead of /dev/random it's lucky that i'm using gentoo so i can use urandom for it so my subversion works "just fine". good to know i can "Create a link from /dev/urandom to /dev/random" to slow problems beside apr. but if the entropy is not enough, it's unsecure. ---------------------------------------------------------------------- Comment By: Henry N. (henryn) Date: 2007-09-24 18:52 Message: Logged In: YES user_id=579204 Originator: NO The branch devel (from snapshot) with kernel 2.6.22 uses Networking interrupts for entropy. That is not the best, but better as blocking. ---------------------------------------------------------------------- Comment By: GingGangGoolies (simon_dainty) Date: 2006-08-16 18:52 Message: Logged In: YES user_id=1233451 While this doesn't resolve the issue it is a "quick fix" that may go some way to alleviating the noted problem: * Create a link from /dev/urandom to /dev/random ---------------------------------------------------------------------- Comment By: Mark Bulas (jalthar) Date: 2005-04-29 15:49 Message: Logged In: YES user_id=493291 This is a huge issue for me as well. I've actually resorted to doing the following on my coLinux installation: mv /dev/random /dev/random.orig ln /dev/urandom /dev/random ...as this appears to be the only way to get any kind of random-number stuff out of the system. May not be very random, so you can't trust this for any kind of real cryptographic security, but at least programs that rely upon /dev/random (Subversion, et al) will now work without manual intervention. ---------------------------------------------------------------------- Comment By: Marius Huse Jacobsen (mahuja) Date: 2004-09-12 20:04 Message: Logged In: YES user_id=206105 In many cases, it's better that it remains 'unsolved' - for things like crypto, it's 'not sending' versus 'sending weakly encrypted'. If your life depends on the confidentiality of a message, you'd prefer it not being sent. ---------------------------------------------------------------------- Comment By: Clifford Caoile (piyo) Date: 2004-09-03 22:41 Message: Logged In: YES user_id=3562 According to the wiki's page "RandomNotes" (http://www.colinux.org/wiki/index.php/RandomNotes), you can work around this bug/misfeature by typing something in the ftlk console. This will serve as the entropy source for a little while at least. For example when using Subversion and committing a source change (svn commit), you may need to do this workaround for about 5 seconds. (Monkeys to typewriters: start!) Why can't colinux collect entropy from the network as a stop-gap feature? I have heard that collecting entropy from the network is not random enough (or a security problem), though. ---------------------------------------------------------------------- Comment By: Nobody/Anonymous (nobody) Date: 2004-04-10 07:15 Message: Logged In: NO There seems to be similar issue in UML too. Agree with you that it is quite a bit misfeature. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=622063&aid=927741&group_id=98788 |