In reference to this question: https://serverfault.com/questions/534449
How does cat /dev/urandom
make some terminal emulators go wonky?
devlinuxrandom number generatorterminal-emulator
In reference to this question: https://serverfault.com/questions/534449
How does cat /dev/urandom
make some terminal emulators go wonky?
I think it'd be most useful if I took this a piece at a time. The general problem is: who is the key press intended for? The terminal, or the program running inside the terminal?
As an example, "screen", which is kindof a terminal, uses Ctrl+A as a prefix for its commands, to distinguish them from things going to the running program itself. (And provides a way to send Ctrl+A.)
gnome-terminal
has several keys that it captures to do various things, including some of the ones you ask about.
Also keep in mind that a terminal's "highlighting" is separate from the terminal's cursor position. Some terminals have no ability to highlight at all.
Now, taking this key combinations at a time:
left+right arrows to move left+right ctrl+arrow to move an entire word home/end to move to start/end of line
Move what left and right? Bash can be configured to do this, and typically is by default. Typically, these move the cursor position.
ctrl+c/ctrl+v to copy/paste
First: does copy/paste even make sense? If you're at a VT, you don't really have a clipboard, especially if X isn't running.
Some terminals can copy text in the output, and some will also "paste" by simulating you typing the contents of the clipboard. Ctrl+Shift+V, for example, is paste in gnome-terminal
, which may help. (And Ctrl+Shift+C is copy.) As discussed earlier, the big problem with Ctrl+C and Ctrl+V is they overlap with common terminal/program commands. (Ctrl+C is send interrupt (SIGINT) and Ctrl+V is verbatim.)
Some terminals also support two modes of copying data: a more normal "just copy", and what's known as "block select" or "block copy". (Hold Ctrl, and then drag while in gnome-terminal
for example.)
Additionally, xsel -b
can be used to pipe clipboard contents around. Depends on the exact situtation whether xsel
or the terminal's version of paste is more useful. See man xsel
.
shift+arrow to highlight text shift+ctrl+arrow to highlight an entire word
Your terminal's highlight (if it has this capability) is separate from cursor position. Again, lack of available key combos is probably a factor. Keep in mind a highlight has two positions: either the start and end, or the upper left and lower right corners. How do you manage both?
Finally, note that many GUI terminals, double-clicking a word will highlight it. (And in X, copy to the primary selection.)
screen
, as an example, has keys to switch into a mode for moving around the buffer (previous output) and copy/pasting.
I think if you make adequate use of xsel
and the primary selection, you will find clipboard operations are both rare enough and complex enough to merit using the mouse.
Randomness means the next value you get has no dependency on the previous value and there is no way for you to predict it.
This is actually hard for a computer to do, since a computer is pretty much just a really fast calculator - so it can do math, but will always get the exact answer every time. You can do something close to randomness with math called "pseudorandomness" - but it's not high quality enough to be used for cryptography.
So Linux collects "randomness" in pools from various sources (such as timing between input events). The "amount" of randomness in this pool is the entropy. Less entropy = less regular, repeating, predictable patterns - you want as much entropy as possible. The Linux kernel will "fill" its pool with entropy when it gets low, but it depends on what's happening on the system since it uses timing between unpredictable hardware events to generate it.
If the pool is empty, /dev/random
will block, or stop giving out data, until the kernel gets enough entropy.
/dev/urandom
will keep going - using pseudorandom techniques to generate random numbers.
Now that you got the basics down, you can always use urandom and here is why.
Here's an excerpt from that article explaining why it doesn't matter:
But let's assume you've obtained those “true” random numbers. What are you going to do with them?
You print them out, frame them and hang them on your living-room wall, to revel in the beauty of a quantum universe? That's great, and I certainly understand.
Wait, what? You're using them? For cryptographic purposes? Well, that spoils everything, because now things get a bit ugly.
You see, your truly-random, quantum effect blessed random numbers are put into some less respectable, real-world tarnished algorithms.
Because almost all of the cryptographic algorithms we use do not hold up to information-theoretic security. They can “only” offer computational security. The two exceptions that come to my mind are Shamir's Secret Sharing and the One-time pad. And while the first one may be a valid counterpoint (if you actually intend to use it), the latter is utterly impractical.
But all those algorithms you know about, aes, rsa, Diffie-Hellman, Elliptic curves, and all those crypto packages you're using, OpenSSL, GnuTLS, Keyczar, your operating system's crypto API, these are only computationally secure.
What's the difference? While information-theoretically secure algorithms are secure, period, those other algorithms cannot guarantee security against an adversary with unlimited computational power who's trying all possibilities for keys. We still use them because it would take all the computers in the world taken together longer than the universe has existed, so far. That's the level of “insecurity” we're talking about here.
Unless some clever guy breaks the algorithm itself, using much less computational power. Even computational power achievable today. That's the big prize every cryptanalyst dreams about: breaking aes itself, breaking rsa itself and so on.
So now we're at the point where you don't trust the inner building blocks of the random number generator, insisting on “true randomness” instead of “pseudo randomness”. But then you're using those “true” random numbers in algorithms that you so despise that you didn't want them near your random number generator in the first place!
Truth is, when state-of-the-art hash algorithms are broken, or when state-of-the-art block ciphers are broken, it doesn't matter that you get “philosophically insecure” random numbers because of them. You've got nothing left to securely use them for anyway.
So just use those computationally-secure random numbers for your computationally-secure algorithms. In other words: use /dev/urandom.
Best Answer
While there are your normal, printable ASCII characters that are sent back and forth on a terminal, there are also many unprintable characters that are used for the system to communicate with the terminal. For example, if a program sends the character
0x07
("ASCII Bell character"), your terminal should beep.Other special sequences can be used to change the color of text being displayed, which direction it's displayed, the title of the window, the size of the window, etc., among many other things.
When you
A bunch of random characters are dumped to your terminal, and the terminal can't tell that it's not real control codes.
Because the program is effectively sending random commands to the terminal, the terminal ends up in a random, often unusable state.