Using OneRNG hardware RNG can I get wireguard to use /dev/random

Jason A. Donenfeld Jason at zx2c4.com
Fri Jul 24 10:55:35 CEST 2020


On Fri, Jul 24, 2020 at 10:27 AM peter garner <peter at petergarner.net> wrote:
>
> Hi List,
>
> Platform: Raspberry Pi4B, Raspbian Buster 10.  This device dedicated to
> wireguard. uname -a: Linux wireguard 4.19.118-v7l+ #1311 SMP Mon Apr 27
> 14:26:42 BST 2020 armv7l GNU/Linux. wg-quick is dated May 22 08:11
>
> I've used my OneRNG v3.0 external device to recreate my SSH moduli and
> am now looking to recreate my wireguard keys.
>
> According to the Wireguard docs it uses /dev/urandom:
> https://gist.github.com/rmoriz/58f1768218a4fbc4b318615bfb85111d
>
> fd = open("/dev/urandom", O_RDONLY);
>         if (fd < 0)
>                 return fd;
>         ret = read(fd, out, len);
>         close(fd);
>
> The OneRNG utilises /dev/random though - is there any way I can get
> wireguard to use /dev/random instead (without recompiling) ?

We're not going to change the wireguard-tools source for this.

But if you need to hijynx it, just use mknod to make /dev/urandom
point to the same device node as /dev/random. I'd recommend finding a
better solution, however, to whatever randomness situation you have
going on.


More information about the WireGuard mailing list