Rubin, Greg · Gary E. Miller · Gary E. Miller · ecd876b1 · ecd876b1
--- a/docs/includes/ntpkeygen-body.txt
+++ b/docs/includes/ntpkeygen-body.txt
@@ -88,9 +88,10 @@ predictable. Various means dependent on external events, such as
 keystroke intervals, can be used to do this and some systems have
 built-in entropy sources.

-This implementation uses Python's PRNG, seeded with a combination
-of the system time and the current process ID.  The core of this
-is based on the Mersenne Twister, with a period of 2^19937^-1.
+This implementation uses Python's random module.  The function used
+calls the underlying OS's urandom syscall.  The security of the 
+module is improved in
+https://docs.python.org/library/os.html#os.urandom[Python 3.5+].

 [[crypto]]
 == Cryptographic Data Files ==

--- a/ntpclients/ntpkeygen
+++ b/ntpclients/ntpkeygen
@@ -88,7 +88,9 @@ if __name__ == '__main__':
            print("usage: ntpkeygen [-M]")
            raise SystemExit(0)

-    randomizer = random.SystemRandom(time.time() + os.getpid())
+    # The seed is ignored by random.SystemRandom, 
+    # even though the docs does not say so.
+    randomizer = random.SystemRandom()
    gen_md5("md5", socket.gethostname())
    raise SystemExit(0)