I have a need to start docker with a crypto secure random number generator. With all the default settings I repeat key generations with every restart. Is there something I can do to reset urandom (I presume) by default?
1 Answer
2
You should not use /dev/urandom as a crypto secure random number generator, use /dev/random instead. This should already be linked with /dev/random on the container host. From man urandom:
If you are unsure about whether you should use /dev/random or /dev/urandom, then probably you want to use the latter. As a general rule, /dev/urandom should be used for everything except long-lived GPG/SSL/SSH keys.
If you need a globally seeded /dev/urandom see this answer. In essence you can just link in the host's /dev/urandom to the container which should be impervious to container restarts. But again, do not use this for crypto.
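An added example, not part of the question or the answer above: a POSIX shell check for the symptom the question describes, which runs a command several times from scratch and flags any output that repeats. The function name `repeat_check`, the file name `repeat_check.sh`, and the `IMAGE` and `KEYGEN_CMD` placeholders are hypothetical; the commented `docker run` lines assume a bind mount is how the host's /dev/urandom is linked into the container.

```shell
#!/bin/sh
# Added example: detect "random" output that repeats across fresh runs.
# repeat_check N CMD...  runs CMD N times and compares the bytes each run
# writes to stdout. Returns 0 if all differ, 1 on a repeat, 2 on bad input.
repeat_check() {
    if [ "$#" -lt 2 ]; then
        echo "usage: repeat_check N cmd [args...]" >&2
        return 2
    fi
    runs=$1
    shift
    case $runs in
        ''|*[!0-9]*) echo "N must be a number" >&2; return 2 ;;
    esac
    [ "$runs" -ge 2 ] || { echo "N must be at least 2" >&2; return 2; }
    seen=$(mktemp) || return 2
    i=0
    while [ "$i" -lt "$runs" ]; do
        # Hex-encode stdout so binary key material survives in a variable.
        fp=$("$@" | od -An -v -tx1 | tr -d ' \n')
        if [ -z "$fp" ]; then
            echo "run $i produced no output" >&2
            rm -f "$seen"
            return 2
        fi
        printf '%s\n' "$fp" >>"$seen"
        i=$((i + 1))
    done
    # uniq -d prints one line per value that occurred more than once.
    dups=$(sort "$seen" | uniq -d | wc -l | tr -d ' ')
    rm -f "$seen"
    if [ "$dups" -gt 0 ]; then
        echo "REPEAT: $dups value(s) seen in more than one run" >&2
        return 1
    fi
    echo "ok: $runs runs, all outputs distinct"
}

# Stand-alone use. IMAGE and KEYGEN_CMD are placeholders for your image and
# for whatever prints the generated key material to stdout:
#   sh repeat_check.sh 5 docker run --rm IMAGE KEYGEN_CMD
#   sh repeat_check.sh 5 docker run --rm \
#       -v /dev/urandom:/dev/urandom:ro IMAGE KEYGEN_CMD
if [ "$#" -gt 0 ]; then
    repeat_check "$@"
fi
```

A repeat reported on the first form that disappears on the second points at the container's random device; a repeat on both points at the application seeding its own generator.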