Re: [bitfolk] Dear Entropy service users, what software use…

Author: Dominic Cleal
Date:  
To: users
Subject: Re: [bitfolk] Dear Entropy service users, what software uses /dev/random?
On 13/03/16 01:56, Andy Smith wrote:
> Going further, the question becomes, well, what software is there in
> existence that forces use of /dev/random with no configuration that
> would allow otherwise? Because even if we agree that all software
> *should* be using urandom, if some popular software *refuses* to
> without recompile, then we're still going to have to provide an
> Entropy service, because doing so is easier than running
> non-packaged software.
>
> So Entropy service users, what have you got that uses /dev/random?


My information might be very out of date, so perhaps somebody will
correct me, but Exim's TLS support (via gnutls) would read a lot from
/dev/random to set up connections - far more than OpenSSL did.

I think this was the reason I started using the entropy service, but
I've not checked for a long time whether the issue's still valid. A few
Debian bug reports suggest it might be fixed.

The other place I've seen it recently is when generating a new key pair
with GnuPG, though that was in a test suite rather than on my VPS.

--
Dominic Cleal
dominic@???