Using OneRNG hardware RNG can I get wireguard to use /dev/random
Ipad@petergarner.net
ipad at petergarner.net
Fri Jul 24 10:58:25 CEST 2020
>> On 24 Jul 2020, at 09:33, Jeffrey Walton <noloader at gmail.com> wrote:
>>
>> On Fri, Jul 24, 2020 at 4:28 AM peter garner <peter at petergarner.net> wrote:
>> I've used my OneRNG v3.0 external device to recreate my SSH moduli and
>> am now looking to recreate my wireguard keys.
>> According to the Wireguard docs it uses /dev/urandom:
>> https://gist.github.com/rmoriz/58f1768218a4fbc4b318615bfb85111d
>> fd = open("/dev/urandom", O_RDONLY);
>> if (fd < 0)
>> return fd;
>> ret = read(fd, out, len);
>> close(fd);
>
> Unrelated, the kernel-crypto folks recommend using /dev/urandom.
> Wiregaurd is following best practices. Also see
> https://lkml.org/lkml/2017/7/20/993.
>
> Jeff
Thanks Jeff - all is now clear (that link helped as well). I've been doing some additional research and everything makes sense.
More information about the WireGuard
mailing list