Comment 1 for bug 240640
Revision history for this message
| tshay (c-launchpad-deb-kunde-j8l-de) wrote | #1 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
4d1350f
(Get the code!)
Using /dev/random at all for such key generation seems totally inappropriate. Don't bother the user he doesn't care or at least he shouldn't. It breaks every other programm, which really needs highest quality entropy. To understand how severe this issue is, see: http://
What disturbed me most: This makes enabling a crypto-partition with a key from /dev/random hang. I had this problem when enabling swap. The proper fix was to use /dev/urandom for swap, since /dev/random offers no security advantage. In this particular case.
Is anyone who already knows the code willing to fix this? - Just changing /dev/random into /dev/urandom should be rather easy for anyone.