From owner-freebsd-questions Tue Jan 15 8: 0:31 2002 Delivered-To: freebsd-questions@freebsd.org Received: from hotmail.com (f149.pav2.hotmail.com [64.4.37.149]) by hub.freebsd.org (Postfix) with ESMTP id 1516837B423 for ; Tue, 15 Jan 2002 08:00:09 -0800 (PST) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Tue, 15 Jan 2002 08:00:05 -0800 Received: from 209.167.77.135 by pv2fd.pav2.hotmail.msn.com with HTTP; Tue, 15 Jan 2002 16:00:04 GMT X-Originating-IP: [209.167.77.135] From: "Graham Dunn" To: freebsd-questions@freebsd.org Subject: dnssec-keygen needs -r /dev/urandom on 4.5-RC Date: Tue, 15 Jan 2002 16:00:04 +0000 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 15 Jan 2002 16:00:05.0133 (UTC) FILETIME=[B282BBD0:01C19DDD] Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG FreeBSD 4.5-RC (cvsup Fri Jan 11 14:23:07 GMT) Bind 9.1.3 from ports "dnssec-keygen -a hmac-md5 -b 128 -n user rndc" would just hang forever (or at least 15 minutes :). Adding -r /dev/urandom will allow the keys to be generated. How "safe" is /dev/urandom as a source of entropy? (There were a few messages on the bind-workers archive about FreeBSD-4.2's /dev/random not generating a lot of entropy). Graham PS. Why does the FreeBSD list server lookup the HELO hostname and refuse connection if it can't resolve? I appreciate the spam protection, but that seems a little over the top. _________________________________________________________________ Send and receive Hotmail on your mobile device: http://mobile.msn.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message