Timeline for Random number generation in Solaris?
Current License: CC BY-SA 3.0
7 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Nov 24, 2015 at 15:15 | comment | added | JaredTS486 |
@Gilles I am not sure what the issue is with the server I am working on, but yesterday echo $RANDOM was producing null / blank values. Today it appears to be working fine. This makes me nervous about making a script that relies on it so I appreciate you looking into the other option. Thanks!
|
|
| Nov 24, 2015 at 15:03 | vote | accept | JaredTS486 | ||
| Nov 24, 2015 at 10:33 | comment | added | Gilles 'SO- stop being evil' |
@WouterVerhelst I write cryptographic software for a living, and it is my professional opinion that there is nothing wrong with generating a cryptographic key by retrieving bytes from /dev/random with a shell script. (There are of course plenty of ways to do that wrong, or to misuse the key, but the fundamental approach is sound.)
|
|
| Nov 24, 2015 at 9:27 | comment | added | Wouter Verhelst |
This is getting way off topic, but no. Generating a key involves much more than 'just' random numbers, and doing it in shell is a terrible idea. There are certainly reasons why you might want to use /dev/random in a shell script, but cryptography is not one of them.
|
|
| Nov 24, 2015 at 1:23 | comment | added | Gilles 'SO- stop being evil' |
@WouterVerhelst You might want to generate a key from a shell script, and pass it to some other command that does cryptography. The random value might also be something that isn't directly involved in cryptography, but needs to be unpredictable, such as a password/cookie of some kind. /dev/random is suitable for that, $RANDOM isn't.
|
|
| Nov 24, 2015 at 1:17 | comment | added | Wouter Verhelst | Well, if you're going to implement cryptography in shell, you're doomed anyway :-) | |
| Nov 24, 2015 at 0:59 | history | answered | Gilles 'SO- stop being evil' | CC BY-SA 3.0 |