Yes I will certainly not abandon interactive mode. Non-interactive mode will be in addition to interactive mode. In addition to gathering entropy from the user, I like to present the user with many passwords. Then the user can pick one that seems easy to remember or whatever.
And cryptographic strength in a random number generator does not mean that any encryption is happening. Take a look at my primary random number generator:
The X's are random numbers. This generator will pass any random number test you throw at it. But suppose you knew the first three numbers:
26999973
46000027
81269972
You could have a database of the first three numbers for every possible seed. You could look up these three numbers. Now you know that the seed was 27. And so you can predict every other random number that this generator will output. Thus this random number generator is said to be cryptographically weak. A cryptographically strong RNG is unpredictable.
Just for the heck of it, I wanted a cryptographically strong RNG. So what I do is call the main RNG 500 times and load the results into an array. Then when a command is entered, one of 60 auxiliary RNG's is selected based loosely on the SECONDS variable. This RNG generates a number between 0 and 499. That element of the array is returned and the master RNG is called again to replace it. There's a lot more to it...this is the reader's digest version. Suffice it to say that if you give me the first n random numbers that it outputs, I cannot predict n+1. And it's not just that I don't have enough computers. Infinite computing resources still would not do it. I would also need to know what commands you are entering and the value of the system clock each time that you press return. In addition the automatic stuff that happens, there are user commands to restart the RNG's, scramble the arrays, etc.
In a command line driven version, I will have to select one auxiliary RNG and go with that. No it won't be as secure. The output will be just as good. The danger would come from an evil Perderabo on the system while the password generator is running. He *might* be able to to acquire enough information to guess the generated password.
Hi experts,
I'd like to generate the table/file containing:
number of milliseconds elapsed since midnight till midnight.
It should contain 5 columns (hours minutes seconds milliseconds):
Table will have theoretically 86 400 000 rows.
My question is , is there somewhere the file or source... (7 Replies)
Here is my new password generation script. The attachment, swordfish.txt, is in dos format. Remember that you need to use dos2unix or flip or something to get it into unix format.
The script is self documenting. It has an extensive help system built-in. And you can run:
swordfish "set... (8 Replies)
Hi,
I am new to bash scripting and i wanted to make a bash script that will generate a password for a user. The user must enter his/her name and the url of the site the password is used for. And the script will generate a password with those two elements in the password. So if the url is... (0 Replies)
I am using the below to random generate a password but I need to have 2 numeric characters and 6 alphabetic chars
head /dev/urandom | tr -dc A-Za-z0-9 | head -c 8 ; echo ''
6USUvqRB
------ Post updated at 04:43 PM ------
Any Help folks - Can the output be passed onto a sed command to... (9 Replies)
Hello
I use a bash script to creating the hosts file /etc/hosts
But there is a bug inside my output and I want to fix this.
My Array looks like this:
205,IP 111.122.133.20
205,HOST2 unas
205,HOST1 unas15533
205,COMMENT # UNAS
775,IP ... (9 Replies)
Discussion started by: Marti95
9 Replies
9. Forum Support Area for Unregistered Users & Account Problems
I was unable to login and so used the "Forgotten Password' process. I was sent a NEWLY-PROVIDED password and a link through which my password could be changed. The NEWLY-PROVIDED password allowed me to login.
Following the provided link I attempted to update my password to one of my own... (1 Reply)
Discussion started by: Rich Marton
1 Replies
LEARN ABOUT HPUX
rand
rand(3C)rand(3C)NAME
rand(), rand_r(), srand() - simple random-number generator
SYNOPSIS DESCRIPTION
uses a multiplicative, congruential, random-number generator with period 2^32 that returns successive pseudo-random numbers in the range
from 0 to 2^15-1.
can be called at any time to reset the random-number generator to a random starting point. The generator is initially seeded with a value
of 1.
returns a random number at the address pointed to by the randval parameter. The seed parameter can be set at any time to start the random-
number generator at an arbitrary point.
Note
The spectral properties of leave a great deal to be desired. provides a much better, though more elaborate, random-number generator (see
drand48(3C)).
RETURN VALUE
If seed or randval is NULL, returns 0. Otherwise, returns a psuedo-random integer.
EXAMPLES
The following:
int x, y;
srand(10);
x = rand();
y = rand();
would produce the same results as:
int x, y, s = 10;
x=rand_r(&s);
y=rand_r(&s);
WARNINGS
Users of should note that rand_r() now conforms with POSIX.1c. The old prototype of is supported for compatibility with existing DCE
applications only.
SEE ALSO drand48(3C), random(3M), thread_safety(5), random(7).
STANDARDS CONFORMANCE rand(3C)