On 04/03/2017 01:21 PM, Houtchen, Steven wrote: > All, > > > > Does LUKs have a NIST SP 800-90Ar1 DRBG?? We are trying use use LUKS If compiled on RHEL (there is more requirements for FIPS 140 than just RNG) and running in FIPS mode, then it is using proper FIPS RNG (through gcrypt), otherwise it just use /dev/[u]random. > > but need to maybe replace /dev/urandom and/or /dev/random > > to be able to get some certifications for our equipment. You can compile it that it uses /dev/random by default, see configure switch --enable-dev-random. You can change it during runtime as well, see --use-random switch Cryptsetup will never ever implement own RNG. Milan _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
