commit | fce6971fe3673e8269414188fda0ce3b28b5cf03 | [log] [tgz] |
---|---|---|
author | Holger Hans Peter Freyther <holger@moiji-mobile.com> | Mon Jun 08 11:56:59 2015 +0200 |
committer | Holger Hans Peter Freyther <holger@moiji-mobile.com> | Wed Jul 01 08:16:40 2015 +0200 |
tree | 607c53e0006cd7b8e8033325c34d7ddd2926dda9 | |
parent | 8a8df80772a4bac0f3cb4d384f45a5d4c463fe11 [diff] |
nat: Provide access to /dev/urandom for the code Instead of doing open/read/close all the time, open the FD in the beginning and keep it open. To scare me even more I have seen /dev/urandom actually providing a short read and then blocking but it seems to be the best way to get the random byes we need for authentication. So one should/could run the cheap random generator on the system (e.g. haveged) or deal with the NAT process to block.