Using OneRNG hardware RNG can I get wireguard to use /dev/random

Ipad@petergarner.net ipad at petergarner.net
Fri Jul 24 10:58:25 CEST 2020


>> On 24 Jul 2020, at 09:33, Jeffrey Walton <noloader at gmail.com> wrote:
>> 
>> On Fri, Jul 24, 2020 at 4:28 AM peter garner <peter at petergarner.net> wrote:
>> I've used my OneRNG v3.0 external device to recreate my SSH moduli and
>> am now looking to recreate my wireguard keys.
>> According to the Wireguard docs it uses /dev/urandom:
>> https://gist.github.com/rmoriz/58f1768218a4fbc4b318615bfb85111d
>> fd = open("/dev/urandom", O_RDONLY);
>>       if (fd < 0)
>>               return fd;
>>       ret = read(fd, out, len);
>>       close(fd);
> 
> Unrelated, the kernel-crypto folks recommend using /dev/urandom.
> Wiregaurd is following best practices. Also see
> https://lkml.org/lkml/2017/7/20/993.
> 
> Jeff

Thanks Jeff - all is now clear (that link helped as well). I've been doing some additional research and everything makes sense.








More information about the WireGuard mailing list