Gregory Sloop wrote:
In many of them, the random_file is a pre-generated random set of data.
Knowing what [modest amount] I do, this seems like an incredibly bad idea. [At least with a functional random number generator at your disposal.]
Yes.
There is at least one newer one using /dev/urandom [pseudo-random]. The stock eap.conf file in Ubuntu also does this.
I'm curious about why it would have ever been a pre-generated set of bits, which essentially have no entropy once they're given out/used - because they're not random any more, they're predictable.
It's historical.
If some kind soul would give me the trivia edition of why this was a common solution, I'd be grateful. [Or school me, nicely or course, about why you think it's an "Ok" practice.]
It's not. Alan DeKok.