/dev/urandom entropy on whonix + virtualbox VM

stigmergik · September 17, 2018, 7:33am

I’m just getting started with zcash and following the instructions here.

I’m installing the client using apt-get on a whonix 14 workstation running on a virtualbox VM.

There is this line in the instructions:

echo "rpcpassword=`head -c 32 /dev/urandom | base64`" >> ~/.zcash/zcash.conf

I don’t know much anything about entropy/randomness on VMs or virtualbox in particular, but I got a little suspicious that maybe a virtualized environment might not provide “real” entropy and make that generated password less secure.

Is this a legitimate concern? Is there anything I need to do to make sure /dev/urandom is actually random?

bitcartel · September 18, 2018, 12:29am

This is a good starting point if you want to improve entropy in your VM:

To go down the rabbit hole:

garethtdavies · September 18, 2018, 4:30am

Those instructions could likely be updated as you don’t actually need that line in your zcash.conf as I believe it’ll simply use cookie authentication if it isn’t provided. Also, by default RPC access is limited to localhost so the risk here is probably pretty low unless you are allowing external RPC connections.

Topic		Replies	Views
Very basic zcash.conf Password issue Mining	4	2997	January 4, 2018
What do you use for username Mining	2	3436	October 29, 2016
Mining trouble? (WARNING: check your network connection...) Mining Support	15	2990	November 6, 2016
Zcash and Whonix = in love? Zcash Apps	5	2846	September 17, 2018
Dev help - VGA Passthrough on VM Mining	2	1415	October 11, 2016

/dev/urandom entropy on whonix + virtualbox VM

Related topics