
Re: /dev/urandom and RNDFILE question: msg#00005

network.stunnel.user

Subject: Re: /dev/urandom and RNDFILE question



> I'm a bit confused with the mechanism that stunnel and/or ssl uses to
> seed the PRNG.

Doesn't anyone read man pages any more?

RANDOMNESS
    o stunnel needs to seed the PRNG (pseudo random number generator)
      in order for SSL to use good randomness. The following sources
      are loaded in order until sufficient random data has been gathered:

        o The file specified with the -R flag.

        o The file specified by the RANDFILE environment variable, if
          set.

        o The file .rnd in your home directory, if RANDFILE not set.

        o The file specified with '--with-random' at compile time.

        o The contents of the screen if running on Windows.

        o The egd socket specified with the -E flag.

        o The egd socket specified with '--with-egd-sock' at compile
          time.

        o The /dev/urandom device.

    ....


> When I ran configure, it says it found a /dev/urandom.
> In the man page, it also says that OpenSSL will use /dev/urandom if
> available. When I run stunnel though, it seems to be using /.rnd.

Yep. Because you have it. If you didn't have it, it wouldn't use it.

> I do have a /dev/urandom on my machine, so what is the suggested method
> to seed the PRNG? Is there any reason for stunnel to use /.rnd at all,
> since /dev/urandom is available?

When I wrote the random seeding bits, back in 0.9.5 days, I emulated the
way it was done by openssl.

> Do I want to set RNDoverwrite = no?

You should certainly have it re-write the random file if you're using
one. If you don't have one, then it's irrelevant.

> Should I set RNDbytes=0 (to presumably force
> stunnel to have ssl get its random bits from /dev/urandom)?

Just delete your $HOME/.rnd file.

> I'd really appreciate it if someone could clarify this portion of the
> setup.

See the man page and the source in ssl.c - it's pretty clear what's
going on.

> Also, everything is working fine, I'm just confused on why stunnel is
> using /.rnd when /dev/urandom is available.

Because that's what the code tells it to do.

Note that (0.9.6+) OpenSSL will (always?) add entropy from /dev/urandom if
available, so even if you have other things providing entropy,
OpenSSL will do it for you.


--
Brian Hatch
Systems and Security Engineer
http://www.ifokr.org/bri/

"When one pays a visit it is for the purpose of wasting other
people's time, not one's own."
Every message PGP signed
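
The seeding order quoted from the man page in the message above, as a small diagnostic. This is an added example, not part of the original message and not stunnel code; it only checks whether each source exists, not how many bytes stunnel reads from it. The four positional arguments standing in for the -R, --with-random, -E and --with-egd-sock values are assumptions of this sketch.

```shell
#!/bin/sh
# Added example (not stunnel code): walk the seed sources in the order the
# man page excerpt lists them and report which exist on this host.
# Assumed arguments, each optional ("" to skip):
#   $1 file passed with -R       $2 file from --with-random
#   $3 socket passed with -E     $4 socket from --with-egd-sock
# The Windows screen source is left out of this Unix-only sketch.

# emit LABEL PATH TEST-OP: print "label<TAB>path<TAB>present|missing".
emit() {
    [ -n "$2" ] || return 0            # source not configured: skip it
    if [ "$3" "$2" ]; then state=present; else state=missing; fi
    printf '%s\t%s\t%s\n' "$1" "$2" "$state"
}

seed_candidates() {
    emit '-R flag' "${1:-}" -r
    if [ -n "${RANDFILE:-}" ]; then    # empty RANDFILE is treated as unset
        emit 'RANDFILE' "$RANDFILE" -r
    else                               # HOME=/ yields /.rnd, as in the question
        home=${HOME:-}
        emit 'HOME/.rnd' "${home%/}/.rnd" -r
    fi
    emit '--with-random' "${2:-}" -r
    emit '-E flag' "${3:-}" -S
    emit '--with-egd-sock' "${4:-}" -S
    emit '/dev/urandom' /dev/urandom -c
}

# First source that exists, i.e. the first one that would be read. Later
# sources may still be read if it does not supply enough data.
first_seed_source() {
    seed_candidates "$@" | awk -F'\t' '$3 == "present" { print $1 "\t" $2; exit }'
}

# Run as a script: print the full ordered list for this environment.
seed_candidates "$@"
```

Run it as the same user and with the same environment as the stunnel process, since HOME and RANDFILE decide which file is picked.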
