Re: One-line password generator

["Thomas Schmitt" <scdbackup@gmx.net>]

Hi,

Curt wrote:
> Here's a fresh (20 July of this year) view by Theodore Ts'o:
> https://lkml.org/lkml/2017/7/20/993

An opinion of substantial weight, indeed.

Nevertheless it would be more interesting to learn the reason why Linux
did not simply make /dev/random behave like /dev/urandom long ago.

And again, the argumentation of Theodore is that there is always enough
entropy at hand. I understand that in this situation there is no difference
between /dev/random and /dev/urandom.
The difference appears only when the assumption of wealth is not fulfilled.

Also one should note that Theodore uses the argument of a deprecated
/dev/random as answer to a side note of his discussion partner, not as
general statement.
The main point of Stephan Müller is that the system could collect more
entropy. The answer of Theodore is that it already collects more than
enough and does not have to care about being drained by /dev/random because
that draining is deprecated.

So one would have to ask him, whether this opinion does not hold under all
circumstances or what else blocks him from just making both mechanisms
equal. (Normally i would dare to approach him. But i guess he is already
annoyed by the topic and man page reading cowards like me.)


Have a nice day :)

Thomas