-
Notifications
You must be signed in to change notification settings - Fork 257
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make -devrandom
option a no-op?
#596
Comments
I don't mind if it is removed / replaced with a no-op, at least for me it is no longer that relevant (due to the newer Go version and modern Linux kernels used). Note that Linux now also generates entropy instead of returning low quality randomness to usermode right after startup: https://lwn.net/Articles/802360/. Best regards, |
rfjakob
added a commit
that referenced
this issue
Aug 25, 2021
Commit f3c777d added the `-devrandom` option: commit f3c777d Author: @slackner Date: Sun Nov 19 13:30:04 2017 +0100 main: Add '-devrandom' commandline option Allows to use /dev/random for generating the master key instead of the default Go implementation. When the kernel random generator has been properly initialized both are considered equally secure, however: * Versions of Go prior to 1.9 just fall back to /dev/urandom if the getrandom() syscall would be blocking (Go Bug #19274) * Kernel versions prior to 3.17 do not support getrandom(), and there is no check if the random generator has been properly initialized before reading from /dev/urandom This is especially useful for embedded hardware with low-entroy. Please note that generation of the master key might block indefinitely if the kernel cannot harvest enough entropy. We now require Go v1.13 and Kernel versions should have also moved on. Make the flag a no-op. #596
Done in 61ef6b0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Commit f3c777d added the
-devrandom
option:We now require Go 1.13 (a5f88e8)
However, it looks like kernel 3.16 is still alive with the last commit only a year ago: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/log/?h=linux-3.16.y
@slackner do you think
-devrandom
is still useful?The text was updated successfully, but these errors were encountered: