08-14-2004
No, your comments are useful. Especially since I moving away from that type of interface. I wrote a simple password generator and it worked good enough with ksh. But with pdksh, it broke pretty bad. The symptom was that I could predict what character it would pick under certain conditions. I traced the problem to pdksh's internal linear congruential random number generator.
This sent me down the path of making an ultra secure password generator. And another potential problem is that command line arguments are visible to an adversary. So I've been moving away from command line arguments toward a completely interactive solution. Also I've been working on a very good random number generator. The current version gathers entropy from the user. By examining the SECONDS variable, I know how long the user took to enter the command. That number, together with the length of the command, is used to very strongly vary the output of the random number generator. Simply tapping the return key a few times will tremendously "stir the pot".
Perhaps I've been obsessing with security too much. I could add in a method of non-interactive use. This would sacrifice the cryptographic strength of the RNG. But a password generator can function well without a cryptographic strength RNG.
9 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Dear All,
I have a sorted file like
1
2
3
8
9
10
45
46
47
78
The output will be range like
1 3
8 10
45 47
78 78 (9 Replies)
Discussion started by: saifurshaon
9 Replies
2. What is on Your Mind?
QR Code Generator (0 Replies)
Discussion started by: Neo
0 Replies
3. Shell Programming and Scripting
Hi experts,
I'd like to generate the table/file containing:
number of milliseconds elapsed since midnight till midnight.
It should contain 5 columns (hours minutes seconds milliseconds):
Table will have theoretically 86 400 000 rows.
My question is , is there somewhere the file or source... (7 Replies)
Discussion started by: hernand
7 Replies
4. Cybersecurity
Here is my new password generation script. The attachment, swordfish.txt, is in dos format. Remember that you need to use dos2unix or flip or something to get it into unix format.
The script is self documenting. It has an extensive help system built-in. And you can run:
swordfish "set... (8 Replies)
Discussion started by: Perderabo
8 Replies
5. Shell Programming and Scripting
Thanks Guys
This really helped (5 Replies)
Discussion started by: robert89
5 Replies
6. UNIX for Beginners Questions & Answers
Hi,
I am new to bash scripting and i wanted to make a bash script that will generate a password for a user. The user must enter his/her name and the url of the site the password is used for. And the script will generate a password with those two elements in the password. So if the url is... (0 Replies)
Discussion started by: Kvr123
0 Replies
7. Shell Programming and Scripting
I am using the below to random generate a password but I need to have 2 numeric characters and 6 alphabetic chars
head /dev/urandom | tr -dc A-Za-z0-9 | head -c 8 ; echo ''
6USUvqRB
------ Post updated at 04:43 PM ------
Any Help folks - Can the output be passed onto a sed command to... (9 Replies)
Discussion started by: infernalhell
9 Replies
8. Shell Programming and Scripting
Hello
I use a bash script to creating the hosts file /etc/hosts
But there is a bug inside my output and I want to fix this.
My Array looks like this:
205,IP 111.122.133.20
205,HOST2 unas
205,HOST1 unas15533
205,COMMENT # UNAS
775,IP ... (9 Replies)
Discussion started by: Marti95
9 Replies
9. Forum Support Area for Unregistered Users & Account Problems
I was unable to login and so used the "Forgotten Password' process. I was sent a NEWLY-PROVIDED password and a link through which my password could be changed. The NEWLY-PROVIDED password allowed me to login.
Following the provided link I attempted to update my password to one of my own... (1 Reply)
Discussion started by: Rich Marton
1 Replies
rand(3C) rand(3C)
NAME
rand(), rand_r(), srand() - simple random-number generator
SYNOPSIS
DESCRIPTION
uses a multiplicative, congruential, random-number generator with period 2^32 that returns successive pseudo-random numbers in the range
from 0 to 2^15-1.
can be called at any time to reset the random-number generator to a random starting point. The generator is initially seeded with a value
of 1.
returns a random number at the address pointed to by the randval parameter. The seed parameter can be set at any time to start the random-
number generator at an arbitrary point.
Note
The spectral properties of leave a great deal to be desired. provides a much better, though more elaborate, random-number generator (see
drand48(3C)).
RETURN VALUE
If seed or randval is NULL, returns 0. Otherwise, returns a psuedo-random integer.
EXAMPLES
The following:
int x, y;
srand(10);
x = rand();
y = rand();
would produce the same results as:
int x, y, s = 10;
x=rand_r(&s);
y=rand_r(&s);
WARNINGS
Users of should note that rand_r() now conforms with POSIX.1c. The old prototype of is supported for compatibility with existing DCE
applications only.
SEE ALSO
drand48(3C), random(3M), thread_safety(5), random(7).
STANDARDS CONFORMANCE
rand(3C)