On Tue, 17 Dec 2002 13:36:21 +0100, Gaël Le Mignot said: > And /dev/urandom is not really done for "cryptographic secure" randomness, > it's the goal of /dev/random, not /dev/urandom (and AFAIK ssh only uses
That is not really true. The common implementations of /dev/[u]random for *BSD and Linux use only one entropy pool and the only difference between random and urandom ist that urandom never blocks on low entropy but continues to yield random bytes using a pesudo random number generater (i.e. hashing the pool again). So, as long as enough entropy is available both devices can be considered equal. Shalom-Salam, Werner