Question about the random file

Alan DeKok aland at
Tue Dec 9 16:39:52 CET 2008

Jason Wittlin-Cohen wrote:
> I'm currently using EAP-TLS with 3072 bit RSA certificates and a 3072
> bit DH paramters. Currently I'm using the random file produced by the
> bootstrap script which appears to take 10 bytes of data from
> /dev/urandom. Is this sufficient with the larger keysize I am using? In
> addition, many howtos suggest using /dev/urandom directly. Is this a
> good idea?

  Using /dev/urandom is fine.  It's not on every system, so the server
doesn't use it by default.

  Alan DeKok.

More information about the Freeradius-Users mailing list