The entropy pool size is configurable on some systems. For Linux see /proc/sys/kernel/random/poolsize
Glenn

On Wed, Jun 11, 2008 at 7:52 AM, Bruce Keats <[EMAIL PROTECTED]> wrote:

> I forgot to mention that the systems in question are servers that do not
> have the keyboard or mouse as sources of entropy. Yes indeed, the problem
> seems to be a lack of entropy. What I find surprising is that on these
> systems, I seem to be able to get approx 400 bytes from /dev/random and it
> doesn't matter how long the system has been running for (hours, days, weeks
> or months). This seems a little odd to me.
>
> Bruce
>
> On Tue, Jun 10, 2008 at 11:25 PM, David Schwartz <[EMAIL PROTECTED]> wrote:
>
>> > What is the acceptable lower limit for the number of bytes for
>> > RAND_load_file()?
>>
>> Nobody can tell you what your requirements are. Some people will consider
>> it acceptable just to read 1KB from /dev/urandom. This is only a problem
>> if the entropy pool was never seeded, which is always at least possible.
>>
>> If you aren't comfortable reading from /dev/urandom, an acceptable
>> compromise might be to read a small number of bytes from /dev/random
>> (accepting that this might take a while in exchange for a stronger
>> guarantee of security) and a larger number of bytes from /dev/urandom (in
>> the hopes that this will increase security because it is quite likely to
>> do so).
>>
>> IMO, 16 or 32 bytes from /dev/random and 256 bytes from /dev/urandom is
>> sufficient for almost all imaginable applications.
>>
>> DS
>>
>> ______________________________________________________________________
>> OpenSSL Project                                 http://www.openssl.org
>> User Support Mailing List                    openssl-users@openssl.org
>> Automated List Manager                               [EMAIL PROTECTED]
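
The compromise described in the thread (a few bytes from /dev/random, a larger read from /dev/urandom), as an added example that is not part of the original messages and not OpenSSL code. It uses plain POSIX calls; the names `read_bounded` and `gather_seed` and the per-chunk timeout are assumptions made here so that a starved pool on a headless server yields a short read instead of an indefinite stall.

```c
#include <fcntl.h>
#include <poll.h>
#include <stdio.h>
#include <unistd.h>

#define STRONG_BYTES 32   /* from /dev/random (figure quoted in the thread) */
#define BULK_BYTES   256  /* from /dev/urandom (figure quoted in the thread) */

struct seed {
    unsigned char buf[STRONG_BYTES + BULK_BYTES];
    int strong;           /* bytes actually obtained from /dev/random */
    int bulk;             /* bytes actually obtained from /dev/urandom */
};

/* Read up to `want` bytes, waiting at most timeout_ms for each chunk.
 * Returns bytes read (may be short on a starved pool), or -1 on open failure. */
static int read_bounded(const char *path, unsigned char *buf, int want, int timeout_ms)
{
    int fd = open(path, O_RDONLY | O_NONBLOCK);
    if (fd < 0) return -1;
    int got = 0;
    while (got < want) {
        struct pollfd p = { .fd = fd, .events = POLLIN };
        if (poll(&p, 1, timeout_ms) <= 0) break;   /* timeout or error: short read */
        ssize_t n = read(fd, buf + got, (size_t)(want - got));
        if (n <= 0) break;
        got += (int)n;
    }
    close(fd);
    return got;
}

/* Returns total seed bytes, or -1 if /dev/urandom could not supply its share. */
static int gather_seed(struct seed *s, int timeout_ms)
{
    int n = read_bounded("/dev/random", s->buf, STRONG_BYTES, timeout_ms);
    s->strong = n > 0 ? n : 0;            /* a shortfall here is tolerated */
    n = read_bounded("/dev/urandom", s->buf + s->strong, BULK_BYTES, timeout_ms);
    s->bulk = n > 0 ? n : 0;
    return s->bulk == BULK_BYTES ? s->strong + s->bulk : -1;
}

int main(void)
{
    struct seed s;
    int total = gather_seed(&s, 2000);    /* 2 s per chunk: an assumed bound */
    printf("random=%d urandom=%d total=%d\n", s.strong, s.bulk, total);
    return total < 0;
}
```

A caller using OpenSSL would hand `s.buf` and the returned length to `RAND_seed()`; logging `s.strong` shows how often a given server fell short on /dev/random.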