From owner-freebsd-hackers  Sun Nov 22 14:51:09 1998
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id OAA22398
          for freebsd-hackers-outgoing; Sun, 22 Nov 1998 14:51:09 -0800 (PST)
          (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: from beatrice.rutgers.edu (beatrice.rutgers.edu [165.230.209.143])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA22393
          for <hackers@freebsd.org>; Sun, 22 Nov 1998 14:51:06 -0800 (PST)
          (envelope-from easmith@beatrice.rutgers.edu)
Received: (from easmith@localhost) by beatrice.rutgers.edu (980427.SGI.8.8.8/970903.SGI.AUTOCF) id RAA02458; Sun, 22 Nov 1998 17:50:20 -0500 (EST)
From: "Allen Smith" <easmith@beatrice.rutgers.edu>
Message-Id: <9811221750.ZM2456@beatrice.rutgers.edu>
Date: Sun, 22 Nov 1998 17:50:20 -0500
In-Reply-To: Peter Jeremy <peter.jeremy@auss2.alcatel.com.au>        "Re: freebsd-hackers-digest V4 #314" (Nov 22,  4:13pm)
References: <98Nov23.081136est.40323@border.alcanet.com.au>
X-Mailer: Z-Mail (3.2.3 08feb96 MediaMail)
To: Peter Jeremy <peter.jeremy@auss2.alcatel.com.au>, hackers@FreeBSD.ORG
Subject: Re: freebsd-hackers-digest V4 #314
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Nov 22,  4:13pm, Peter Jeremy (possibly) wrote:
> On Fri, 20 Nov 1998 08:39:16 -0800 (PST), EE <ee123@rocketmail.com> wrote:
> >I'm looking for a password generator.
> 
> And various people responded with things like:
> "it's really piece of cake to write that kind of program in perl or C",
> and a couple of people posted sample code.
> 
> Unfortunately, all of the postings I've seen so far suffer from a
> fatal flaw - all of them use pseudo-random numbers and hence generate
> pseudo-random passwords.

Well... no, actually, mine didn't. It uses pgp's random source, which
is composed of key timings whenever you're entering text into it.

> A true random password requires random numbers, which are very
> difficult to generate within a computer.  Depending on your needs,
> /dev/random may be adequate (see random(4)).  srandomdev(3) is a
> start, but unfortunately uses /dev/urandom instead of /dev/random
> and can quietly fall back to srandom(3) in some cases.

Certainly, using /dev/random is nice... but the code I wrote was for
IRIX originally. (It's possible that pgp 5 may use /dev/random if it's 
available; I haven't gotten around to downloading it yet and checking.)

	-Allen

-- 
Allen Smith				easmith@beatrice.rutgers.edu
	

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message