Hi, A couple of days ago there was a thread about /dev/arandom [1] and the consensus was to prefer /dev/urandom on OpenBSD.
Today I was working through the TLS configuration pages for the smtp(8) client for Postfix 3.x [2]. Under “TLS manager specific settings”, in reference to tlsmgr(8), there is the following: “In order to feed its in-memory PRNG pool, the tlsmgr(8) reads entropy from an external source...Specify a good entropy source...be sure to only use non-blocking sources (on OpenBSD, use /dev/arandom when tlsmgr(8) complains about /dev/urandom timeout erros).” In light of the message regarding /dev/arandom and /dev/urandom would it now be correct to use *ONLY* /dev/urandom on current versions of OpenBSD ? Thanks, - J Sources: [1] https://marc.info/?l=openbsd-misc&m=150796373110940&w=2 [2] https://www.postfix.org/TLS_README.html
