Kevin Buettner wrote: > If you read the code which implements /dev/random, you'll see that it > does use timings (I'm not sure if keyboard keypresses are considered > or not) from various of your computer's I/O subsystems in order to > generate its entropy pool. The numbers that you get out of > /dev/random are pretty good random numbers so long as you do not ask > for them too fast. (If you use up the entropy in the entropy pool too > quickly, it falls back on pseudo-random techniques for a while...) cat /dev/random spits out randomness at a medium pace. Also makes it pretty clear that keystrokes (or the interupts they generate) are definitly part of the package. Im not sure how one can use this up too fast, it seems to me that cat would use them up as fast as possible, and result in a constant stream of pseudorandom garbage if the above were true. according to /usr/src/linux/Documentation/devices.txt, /dev/random Nondeterministic random number gen. /dev/urandom Faster, less secure random number gen. /dev/urandom is the one that spits out data endlessly when subjected to cat... Perhaps the /dev/random in current distributions is really /dev/urandom? I cant say - I had to use mknod per the docs in the Linux source as there was no /dev/random on my system prior to me reading about it in a kernel upgrade (That means, BTW, that not only is relying on /dev/random not platform independant, but that it also will not function on older linux releases as well!) -- jkenner @ mindspring . com__ I Support Linux: _> _ _ |_ _ _ _| Working Together To <__(_||_)| )| `(_|(_)(_| To Build A Better Future. |