Improve random usage
Issue 68 by opensou...@till.name on 2010-06-03 13:25:29:
I just got an e-mail about cryptsetup using /dev/urandom instead of
/dev/random. I looked into the coded and noticed that /dev/urandom is used
to create the LUKS masterkey. This device may create less good random bits
than /dev/random and random(4) recommends to used /dev/random instead of
/dev/urandom for long lived GPG/SSL/SSH keys.
Changing this will mean, that cryptsetup might block until enough entropy
is available.
Also while looking at the manpage, I noticed it said that it warned about
using more than 128 random bits per minute. If this is still valid, than
luksFormat should probably be slowed down more, since it seems that at
least 512 random bits are used for salting and at least another 128 bits
are used for the master key.