Date: Tue, 21 Oct 2003 11:17:43 -0400 From: Daniel Fisher <daniel.fisher@vt.edu> To: freebsd-java@freebsd.org Subject: Re: file:/dev/random generated exception: null Message-ID: <20031021111743.44ea9b25.daniel.fisher@vt.edu> In-Reply-To: <20031020232351.GA58090@misty.eyesbeyond.com> References: <3F93E062.3030401@fork.pl> <20031020110839.54f1f3c8.daniel.fisher@vt.edu> <20031020232351.GA58090@misty.eyesbeyond.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 20 Oct 2003 17:23:51 -0600 Greg Lewis <glewis@eyesbeyond.com> wrote: > On Mon, Oct 20, 2003 at 11:08:39AM -0400, Daniel Fisher wrote: > > Looks like you ran out of random bytes in /dev/random, which is not > > uncommon. > > If you want to avoid this error use /dev/urandom. > > -Djava.security.egd=file:/dev/urandom > > However, doing so will get you much lower quality random numbers. > Depending on how much you value security this may not be acceptable. > I'd try rndcontrol(8) first, as Alexey mentioned. In my experience /dev/urandom is the only way to guarantee that ssl connections do not fail due to lack of random bytes. This is a common problem on servers which make a lot of separate ssl connections and cannot gather enough entropy to keep up. However, if the load on your application allows using /dev/random you should do so. Just keep in mind you may see these errors every so often. There are also other ways to gather entropy, but I can't vouch for them: http://egd.sourceforge.net/ -- Daniel Fisher
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031021111743.44ea9b25.daniel.fisher>