Remove All Software Generators

Jochen Bern Jochen.Bern at
Wed Oct 30 17:44:43 UTC 2019

On 10/30/2019 04:19 PM, openssl-users-request at digested:
> From: Frederick Gotham <cauldwell.thomas at>
> To: openssl-users at
> I even tried deleting /dev/random and  /dev/urandom

... don't do that. The Linux kernel is both a provider and a consumer of
entropy, e.g., to randomize the TCP sequence numbers as it establishes
TCP connections on behalf of applications. Unless you go all the way and
add a TPM driver (as the only source of entropy) to *the kernel*, you
risk ending up with "good crypto" on the application layer but easily
hijacked connections, defeated stack randomization, SSH logins from
remote that fail, etc. etc..

Kind regards,
Jochen Bern

E  jochen.bern at

More information about the openssl-users mailing list