[openssl-dev] [openssl-users] Do you use EGD or PRNGD?

Salz, Rich rsalz at akamai.com
Mon Jun 1 19:41:41 UTC 2015


> I had to install an entropy gatherer on Debian desktop because reads to
> /dev/random would fail on occasion when the device was opened
> O_NONBLOCK. I was not hitting it hard - I was just trying to grab a 32 byte
> one-time seed to seed an in-app generator. It was really surprising to see
> Debian's RNG could only supply 7 bytes or so. I was amazed it happened out
> of the box in 2014.

I agree, that's pretty amazing.

Why is there no need?

It's hard to get random seeding done right.  The fewer moving parts, the easier it is to understand what's going on, and prove to yourself (or others) that it is correct.

As a workaround, periodically writing EGD data into a file that the application uses...
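
The short-read failure described in the quoted text, as an added example that is not part of this message or of OpenSSL: a seed reader for a descriptor opened with O_NONBLOCK that loops over partial reads and EAGAIN and refuses to proceed with fewer bytes than requested. The helper names, the timeout values and the use of poll() are assumptions of this sketch.

```c
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <stddef.h>
#include <sys/types.h>
#include <unistd.h>

/* Read up to len bytes from fd, waiting at most timeout_ms for each chunk.
 * Returns the number of bytes obtained (may be < len on timeout or EOF),
 * or -1 on a hard error. A short count must be treated as failure. */
ssize_t read_full(int fd, unsigned char *buf, size_t len, int timeout_ms)
{
    size_t got = 0;
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n > 0) { got += (size_t)n; continue; }   /* partial read: keep going */
        if (n == 0) break;                           /* EOF */
        if (errno == EINTR) continue;                /* interrupted: retry */
        if (errno != EAGAIN && errno != EWOULDBLOCK) return -1;
        /* Device has nothing right now: wait for it instead of giving up. */
        struct pollfd p = { .fd = fd, .events = POLLIN };
        int r = poll(&p, 1, timeout_ms);
        if (r < 0 && errno == EINTR) continue;
        if (r < 0) return -1;
        if (r == 0) break;                           /* timed out */
    }
    return (ssize_t)got;
}

/* Hypothetical helper: fill seed[len] from the device at path.
 * Returns 0 only if every requested byte was delivered, -1 otherwise. */
int seed_from_device(const char *path, unsigned char *seed, size_t len,
                     int timeout_ms)
{
    int fd = open(path, O_RDONLY | O_NONBLOCK);
    if (fd < 0) return -1;
    ssize_t n = read_full(fd, seed, len, timeout_ms);
    close(fd);
    return (n == (ssize_t)len) ? 0 : -1;             /* never seed from 7 of 32 */
}

int main(void)
{
    unsigned char seed[32];                          /* 32-byte one-time seed */
    return seed_from_device("/dev/random", seed, sizeof seed, 1000) == 0 ? 0 : 1;
}
```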

