[ntp:questions] /dev/random as opposed to //.rnd

coniptor at gmail.com coniptor at gmail.com
Fri May 11 22:06:38 UTC 2007

On May 11, 3:55 pm, conip... at gmail.com wrote:
> On May 11, 2:53 pm, Harlan Stenn <s... at ntp.isc.org> wrote:
> > coniptor,
> > We use OpenSSL for our crypto stuff.
> > OpenSSL uses ~/.rndfor some random stuff.
> > H
> Hi Harlen,
> I updated my server and client ntp.conf files to specify the randfile
> as /dev/random.
> On the server it hung and didn't return right to the prompt after I
> issued a /etc/init.d/ntpd restart
> I backgrounded it and restarted it again and this time it did return
> near as I can tell it hung because /dev/random had rw for u,g, & o but
> it reset to just rw on user and now returns so my issue with not being
> able to start ntpd and use /dev/random wasn't one to begin with.
> Knowing that, is there any reason I shouldn't be able to use openssl
> or ntp-keygen with /dev/random directly.
> Sorry for commenting on something before thoroughly checking
> everything out.

I had not seen your reply before I posted Steve.
Thank you for the information. I had seen part of that mask table
before but not all of it so that should help me figure out what is
working and what isn't. I will also try running ntp-keygen again and
see if it creates the keys without complaining about the non-existence
of .rnd in either /root or /etc/ntp. I have faith that it will given
your reply and that crypto randfile /dev/random worked out once the
permissions on /dev/random were sane.

Thank you both for your help! =)

More information about the questions mailing list