The principal block and character devices related to kernel security are /dev/random and /dev/urandom. These devices allow the retrieval of random data for use in generating cryptographic keys and other applications that require secure random numbers. For example, they are used when generating SSH keys.
The /dev/random is a high entropy device that requires user-generated input for output randomness, like hitting the keyboard. If it can't get sufficient input, it will block until sufficient input is available. In comparison, if /dev/urandom hasn't got sufficient input, it will return a strong hash of what input it has. This is allegedly slightly less secure than the /dev/random model, but any attack that exploited it, while feasible, would be hard to initiate.
You can read about these devices in more detail here.
Related Q&A from James Turnbull
A user wants to implement OSSEC on a Windows server because he has no server side Linux operating system.continue reading
Solaris 10 Trusted Extensions and SELinux are best suited to different system requirements and administrator skill sets. Our security expert explains...continue reading
Configuring spam filters Spamassassin and dspam together in the email server Postfix is easy with the resources listed by our security expert.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.