How random is urandom?

Question

In Linux, just how random is /dev/urandom/? Is it considered safe?

Also is it possible to get a stream of 1's?

Answer 1

use /dev/urandom, its cryptographically secure.

good read: http://www.2uo.de/myths-about-urandom/

"If you are unsure about whether you should use /dev/random or /dev/urandom, then probably you want to use the latter."

When in doubt in early boot, wether you have enough entropy gathered. use the system call getrandom() instead. [1] Its best of both worlds, it blocks until (only once!) enough entropy is gathered, after that it will never block again.

[1] git kernel commit

Answer 2

Note 4.5 years later: this is bad advice. See one of these links for details.

If you're generating cryptographic keys on Linux, you want /dev/random, even if it blocks-- you don't need that many bits.

For just about anything else, like generating random test data or unpredictable session IDs, /dev/urandom is fine. There are enough sources of entropy in most systems (timing of keyboard and mouse events, network packets, etc) that the output will be unpredictable.

Answer 3

Please check the man page:

Yarrow is a fairly resilient algorithm, and is believed to be resistant
     to non-root.  The quality of its output is however dependent on regular
     addition of appropriate entropy. If the SecurityServer system daemon
     fails for any reason, output quality will suffer over time without any
     explicit indication from the random device itself.

     Paranoid programmers can counteract this risk somewhat by collecting
     entropy of their choice (e.g. from keystroke or mouse timings) and seed-
     ing it into random directly before obtaining important random numbers.