
You should pretty much just default to secure random.

/dev/urandom is fine; in Ruby apps, I'd use OpenSSL::Random.random_bytes or ActiveSupport::SecureRandom.random_number.



If OpenSSL::Random isn't working (because OpenSSL is not installed, for example), there is also SecureRandom in the stdlib. It tries to do the right thing in any situation: use OpenSSL::Random if available; otherwise it will fall back to what's available in the OS you're on.


What cases do you reserve /dev/random for? SSH keygen?

Do those functions just read from /dev/urandom?


I don't. Just use urandom.
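The advice in this thread, as an added Ruby example that is not part of any comment above: token bytes come from OpenSSL::Random when OpenSSL loads and from the stdlib SecureRandom otherwise, with a seeded `Random` shown for contrast. The helper names (`csprng_bytes`, `secure_token`, `weak_token`) and the seed value are made up for illustration.

```ruby
require 'securerandom'

# Hypothetical helper: prefer OpenSSL::Random, fall back to stdlib SecureRandom
# when the openssl extension cannot be loaded. Returns [source, bytes].
def csprng_bytes(n)
  begin
    require 'openssl'
    [:openssl, OpenSSL::Random.random_bytes(n)]
  rescue LoadError
    [:securerandom, SecureRandom.random_bytes(n)]
  end
end

# Hex token built from CSPRNG output (16 bytes -> 32 hex characters).
def secure_token(nbytes = 16)
  _source, bytes = csprng_bytes(nbytes)
  bytes.unpack1('H*')
end

# Contrast case: Ruby's general-purpose Random is deterministic for a given
# seed, so every "token" can be regenerated by anyone who knows or guesses
# the seed. Do not use it for secrets.
def weak_token(seed, nbytes = 16)
  Random.new(seed).bytes(nbytes).unpack1('H*')
end

if __FILE__ == $PROGRAM_NAME
  source, = csprng_bytes(1)
  puts "CSPRNG source in use: #{source}"
  puts "secure token:         #{secure_token}"
  # Constructed seed, chosen only to show that the output repeats.
  puts "weak token (seed 42): #{weak_token(42)}"
  puts "weak token (seed 42): #{weak_token(42)}  # identical on every run"
end
```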



