Ask the Expert

Increasing kernel security

What are some block and character devices available for increasing my kernel security?

Requires Free Membership to View

The principal block and character devices related to kernel security are /dev/random and /dev/urandom. These devices allow the retrieval of random data for use in generating cryptographic keys and other applications that require secure random numbers. For example, they are used when generating SSH keys.

The /dev/random is a high entropy device that requires user-generated input for output randomness, like hitting the keyboard. If it can't get sufficient input, it will block until sufficient input is available. In comparison, if /dev/urandom hasn't got sufficient input, it will return a strong hash of what input it has. This is allegedly slightly less secure than the /dev/random model, but any attack that exploited it, while feasible, would be hard to initiate.

You can read about these devices in more detail here.

This was first published in November 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: