linux urandom for random

Published: 2013-10-24
Updated: 2015-01-04

On linux, /dev/urandom serves data from the same pool as /dev/random, but it doesn't block (pause) when the kernel estimates that the "real entropy" in the pool has fallen too low. A proper, "cryptographic" pseudo-random algorithm seeded with a reasonable amount of "real entropy" (perhaps 64 bytes) should be good enough for anything. Most cryptographers and OpenBSD agree, but the "real random only" functionality is kept around for FIPS compliance or something like that.

On my headless linux server, nmbd (part of samba) is constantly using /dev/urandom, which also depletes the entropy of the pool, so that when something wants bytes from /dev/random, there aren't enough, preventing me from signing packager keys so pacman will install packages, and other stuff which sucks.

BSD systems have only a /dev/random, which doesn't give away any entropy until it has enough to seed a cryptographic pseudo-random generator, then it gives a non-blocking stream from that generator. I want something more like that.

One simple way (which I don't really suggest) is to just make /dev/random act like /dev/urandom, with a udev rule (put it at /etc/udev/rules.d/70-disable-random-entropy-estimation.rules):

# Remove any existing /dev/random, then create symlink pointing to /dev/urandom
KERNEL=="urandom", PROGRAM+="/bin/rm -f /dev/random", SYMLINK+="random"

A better way is to replace /dev/random with a link to /dev/urandom after enough "real entropy" has been collected. To do this, I add the following to my rc.local (see systemd rc.local):

echo "switching /dev/random to be /dev/urandom"
# generate some entropy
find /usr/bin /usr/include >/dev/null
printf "uptime: %s   entropy_avail: %s\n" \
    $(cut -d' ' -f1 /proc/uptime)     \
    $(cat /proc/sys/kernel/random/entropy_avail)
ln -sfv urandom /dev/random

(Well, that doesn't really check or wait/loop, but in my experience there's always enough entropy_avail after that find command, on my non-embedded systems.)