Date: Sun, 22 Nov 1998 17:50:20 -0500 From: "Allen Smith" <easmith@beatrice.rutgers.edu> To: Peter Jeremy <peter.jeremy@auss2.alcatel.com.au>, hackers@FreeBSD.ORG Subject: Re: freebsd-hackers-digest V4 #314 Message-ID: <9811221750.ZM2456@beatrice.rutgers.edu> In-Reply-To: Peter Jeremy <peter.jeremy@auss2.alcatel.com.au> "Re: freebsd-hackers-digest V4 #314" (Nov 22, 4:13pm) References: <98Nov23.081136est.40323@border.alcanet.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Nov 22, 4:13pm, Peter Jeremy (possibly) wrote: > On Fri, 20 Nov 1998 08:39:16 -0800 (PST), EE <ee123@rocketmail.com> wrote: > >I'm looking for a password generator. > > And various people responded with things like: > "it's really piece of cake to write that kind of program in perl or C", > and a couple of people posted sample code. > > Unfortunately, all of the postings I've seen so far suffer from a > fatal flaw - all of them use pseudo-random numbers and hence generate > pseudo-random passwords. Well... no, actually, mine didn't. It uses pgp's random source, which is composed of key timings whenever you're entering text into it. > A true random password requires random numbers, which are very > difficult to generate within a computer. Depending on your needs, > /dev/random may be adequate (see random(4)). srandomdev(3) is a > start, but unfortunately uses /dev/urandom instead of /dev/random > and can quietly fall back to srandom(3) in some cases. Certainly, using /dev/random is nice... but the code I wrote was for IRIX originally. (It's possible that pgp 5 may use /dev/random if it's available; I haven't gotten around to downloading it yet and checking.) -Allen -- Allen Smith easmith@beatrice.rutgers.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9811221750.ZM2456>