test, and password generator

Paul Rubin phr-n2001 at nightsong.com
Tue Aug 28 07:23:37 CEST 2001


Will Ware <wware at alum.mit.edu> writes:
> That would be better. But whenever I test things like this, I get
> compulsive and run it so many times that I exhaust the entropy pool,
> and then my read() of /dev/random just sits there. I'd be curious to
> know if you have any clever thoughts on replenishing the entropy
> pool quicker without losing much security.

Use /dev/urandom rather than /dev/random.  There should be enough
physical entropy in the system to start with that nobody will
reconstruct it.  After that, the PRNG stream coming from /dev/urandom
is cryptographically strong, at least strong enough that it won't be
the weak link in a password-based system.



More information about the Python-list mailing list