undefined | Better HN

0 pointsThA0x26y ago0 comments

shuf uses randint(), which defaults to /dev/urandom as the nonce source:

https://github.com/coreutils/coreutils/blob/v8.31/gl/lib/ran...

Your "--random-source=/dev/urandom" line is superfluous. My original line is as secure as yours.

0 comments

3 comments · 1 top-level

1e-96y ago· 2 in thread

Interesting. They stopped using /dev/urandom as the default random file in version 7.3, which created the insecure default situation. Later, in version 8.6, they updated to use a default nonce from /dev/urandom. It's odd that the documentation has not be updated. Perhaps it's because the latest version will still default to an insecure nonce if there is no /dev/urandom?

ThA0x2OP6y ago

If you're on a Linux OS that's from ~2013 or later, then you're most likely on a version of coreutils that will default to /dev/urandom.

The master branch of coreutils is using getrandom(2). It will continue to draw entropy from the urandom source by default.

1e-96y ago

The latest versions of RHEL/CentOS 6 use coreutils version 8.4, so I assume their shuf defaults to insecure. I imagine that RHEL 5 ELS must have the same issue. I don't know of any other currently-supported Linux or BSD versions that might be a problem.

1 more reply

j / k navigate · click thread line to collapse