What are /dev/random and /dev/urandom in Linux?

The short answer to that question is "means of generating random numbers."

And I'm sure you are aware of that.

But to understand the use of /dev/random and /dev/urandom, first, you'd have to know why generating the random is so important.

Why generating random numbers is crucial?

Computers are machines and work on a set of instructions (that'd why we create programs to make them work).

And that's why it is not possible to ask the machine to think of any random number.

You may ask, why generating random numbers is so important? the answer is simple.

Security concerns.

Most cryptographic algorithms are based on generating random numbers as those numbers would, later on, be used to create cryptographic keys.

And if the generated numbers are not completely random in nature, it makes the whole cryptographic technique weak.

As those keys can be predicted quite easily. And this is the most crucial reason to generate random numbers.

So how Linux tackles this situation? Simple, it's the topic of today's discussion.

Using /dev/random and /dev/random.

The use of /dev/random and /dev/urandom

You guessed it right. They both are used to generate random numbers.

They both are used to provide an interface to the kernel's random number generator.

The random number generator will gather random input from external sources including device drivers into the entropy pool.

But there is a huge difference between /dev/random and /dev/urandom as they follow different approaches to generate random numbers.

How /dev/random will generate random numbers

The /dev/random will only return the random numbers from the entropy pool and if the entropy pool is empty or it does not indicate enough randomness, the reads to the /dev/random will be blocked.

Making it ideal for generating high-quality randoms.

How /dev/urandom will generate random numbers

The random(unlimited random) will use the entropy pool to return the random numbers but if the entropy pool is empty, it will generate data using SHA, MD5, or any other algorithm.

This means, unlike the /dev/random, it won't block the reads and will continue to get you the random numbers even if there is not enough randomness.

Which one to choose?

The 'Random' and 'Urandom' are made for the specific use cases. The Urandom is used when there is a constant need for random numbers and its randomness is not much important.

Whereas the Random is suitable for tasks where security is a prime concern as it will block the reads if the randomness is not up to the mark.

Although the randomness of Urandom is just slightly weaker than the Random, it is still used by many operations but I would recommend you go with Random (if you insist on having strong security).

Bonus: Generate a random password using Urandom

To generate a random password using the Urandom, all you have to do is follow the given command:

sudo < /dev/urandom tr -dc A-Za-z0-9 | head -c14; echo

Here, the tr command will get you to filter output from /dev/urandom such as it will get your password from A to Z, a to z and 0 to 9.

The head command will generate a string of 14 characters (using -c14).

Wrapping Up

In this guide, I explained the basics of /dev/random and /dev/urandom including the need for randomness.

And if you are curious, I use Urandom it to generate passwords as I find it robust and less likely to have errors that you may encounter using Random.

I hope you will find this guide helpful and if you have any queries, let me know in the comments.