On Jun 4, 2008, at 9:02 AM, mabshoff wrote: > On Jun 4, 5:29 pm, Martin Albrecht <[EMAIL PROTECTED]> > wrote: >> On Wednesday 04 June 2008, mabshoff wrote: > > <SNIP> > >>> Yes, what could go wrong? ;) >> >>> Seriously: What I meant above is that we ought to see on Solaris >>> only >>> if switching to /dev/urandom as an entropy source does fix the >>> infinite startup time of the notebook. I had similar problems >>> with the >>> Sage notebook with the 64 bit OSX version initially due a non- >>> compiled >>> _ctypes extension, but in that case it failed outright. I am well >>> aware of the dangers of hacking on the random source for >>> anything, but >>> I promise that I will use more than PID to seed ;) > > Hi Martin, > >> Still, make sure you get absolutely crystal clear confirmation >> from upstream >> that what you're doing is tolerable. Anything else is not >> acceptable IMHO. > > certainly, I don't want to be the idiot that weeks after the OpenSSL > +Debian debacle does something equally stupid and hence will be know > in Slashdot lore as "that GNUTLS idiot" ;). It might in the end be a > config problem since on Solaris with Sage 3.0.1 upon the start of sage > the process just sits there polling /dev/random for well over two > minutes and nothing happens, i.e. I always killed it. I will now let > it sit there for a while and see if it comes up. Aside from that there > is a problem on that box due to some background jobs being way too > high in priority so that I only get a small default slice of the CPU. > I will pause the background processes now and see if that makes a > difference. > > Aside from that it would be good with somebody with deeper Solaris- > internals fu than me could enlighten me if /dev/random is the > preferred source of randomness. On linux at least /dev/urandom is > supposed to be a "better" source of entropy, but I could be wrong > about that.
/dev/urandom is not as good a source of entropy in the sense that is is a pseudo-random number generator (as opposed to /dev/random which will block until more "true" entropy is fed into it. If all you need is pseduo-randomness, then /dev/urandom is find and fast, but for cryptographic algorithms may not be as secure. In our case (for session keys) it should be fine, but it'd be bad to use for public key generation. - Robert --~--~---------~--~----~------------~-------~--~----~ To post to this group, send email to sage-devel@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/sage-devel URLs: http://www.sagemath.org -~----------~----~----~----~------~----~------~--~---
