replace urandom with random

These both use the same CSPRNG on modern kernels, but random waits for
CSPRNG initialization instead of only attempting to initialize it.
This commit is contained in:
Daniel Micay 2024-06-17 15:03:17 -04:00
parent ce1fef8c0e
commit 750cd5e985
2 changed files with 2 additions and 2 deletions

View File

@ -50,7 +50,7 @@ rm ssh/sshd_config.tmp
ssh $remote "arch-chroot /mnt systemctl enable chronyd.service fstrim.timer logrotate.timer plocate-updatedb.timer systemd-networkd.service sshd.service unbound.service" ssh $remote "arch-chroot /mnt systemctl enable chronyd.service fstrim.timer logrotate.timer plocate-updatedb.timer systemd-networkd.service sshd.service unbound.service"
ssh $remote "arch-chroot /mnt systemctl disable remote-fs.target systemd-network-generator.service" ssh $remote "arch-chroot /mnt systemctl disable remote-fs.target systemd-network-generator.service"
ssh $remote "dd if=/dev/urandom of=/mnt/swapfile bs=1M count=$swap status=progress" ssh $remote "dd if=/dev/random of=/mnt/swapfile bs=1M count=$swap status=progress"
password=$(head -c32 <(tr -dc A-Za-z0-9 </dev/random)) password=$(head -c32 <(tr -dc A-Za-z0-9 </dev/random))
echo password: $password echo password: $password

View File

@ -9,7 +9,7 @@ cd /etc/nginx/session-ticket-keys
rsync -I 2.key 1.key rsync -I 2.key 1.key
rsync -I 3.key 2.key rsync -I 3.key 2.key
rsync -I 4.key 3.key rsync -I 4.key 3.key
head -c 80 </dev/urandom >new.key head -c 80 </dev/random >new.key
rsync -I new.key 4.key rsync -I new.key 4.key
rm new.key rm new.key
nginx -s reload nginx -s reload