
Re: makepasswd very slow the second call



>>>>> "Sean" == Sean 'Shaleh' Perry <shaleh@valinux.com> writes:

    Manuel> Hello, I work on Debian Potato, and I am generating
    Manuel> passwords with makepasswd. The first time I call it, it
    Manuel> works fine, but the second time it is very slow: 7 to 9
    Manuel> seconds!
    Manuel> 
    Manuel> Here is my code:
    Manuel> PASSWORD=`makepasswd --chars 8 --count 1`
    Manuel> PASSWORD=`makepasswd --chars 8 --count 1`

    Sean> It reads /dev/random.  On a quiet system, there is not
    Sean> enough entropy for the random generator to create random
    Sean> numbers with.  Eventually enough data is collected and the
    Sean> random generator gives a value.

Well, I would think that makepasswd really only needs a few bytes
of random data to seed srand, right? It's probably overdoing it and
sucking out way more than it needs..

Checking the source, there are indeed some bugs in makepasswd.

First off, it doesn't use the -w flag for warnings, leading to 
case errors: 

$Rerandom ne "" and do
{
        ($ReRandom > -1) or do

Obviously it needs to pick one capitalization.

The logic flow in makepasswd is a little odd, and I'm having a hard
time following it, but it seems to do a ton of work to 're-randomize'
the pseudo-random number generator. All that code should be thrown out
-- you really shouldn't ever re-seed the RNG, especially for something
as short as a password.

Ben

-- 
Brought to you by the letters J and W and the number 16.
"Nerd. Loser. Jerk. Moron. Worm. Scum. Idiot. Fool."
Debian GNU/Linux maintainer of Gimp and GTK+ -- http://www.debian.org/
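
An added example, not part of the original message and not makepasswd's code: a shell function that builds each password character directly from a handful of kernel random bytes, so there is no user-space PRNG to seed or re-seed and nothing blocks between calls. It swaps in /dev/urandom (not mentioned in the thread) for /dev/random; the names genpass and ALPHABET and the optional source-file argument are hypothetical.

```shell
#!/bin/sh
# Added illustration: password characters taken straight from the kernel
# CSPRNG, 16 bytes per read, with rejection sampling to avoid modulo bias.
# genpass, ALPHABET and the source argument are hypothetical names.

ALPHABET='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'

# genpass [length] [source]
#   length: number of characters (default 8, as in the thread)
#   source: file to read random bytes from (assumed default /dev/urandom)
genpass() {
    want=${1:-8}
    src=${2:-/dev/urandom}
    alen=${#ALPHABET}
    # Largest multiple of alen that fits in one byte (248 for 62 symbols).
    # Bytes at or above it are discarded so every symbol is equally likely.
    limit=$(( 256 / alen * alen ))
    out=''
    while [ "${#out}" -lt "$want" ]; do
        # od prints the bytes as space-padded unsigned decimals.
        for b in $(od -An -N16 -tu1 < "$src"); do
            [ "$b" -lt "$limit" ] || continue
            [ "${#out}" -lt "$want" ] || break
            idx=$(( b % alen ))
            out="$out$(printf '%s' "$ALPHABET" | cut -c$(( idx + 1 )))"
        done
    done
    printf '%s\n' "$out"
}

# Same usage pattern as in the original question, called twice in a row.
PASSWORD=$(genpass 8)
PASSWORD=$(genpass 8)
```
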

