Java’s SecureRandom.generateSeed() on Linux

On my Ubuntu server, running the following Java code caused the application to hang:

for (int i=1; i<=1000; i++) {
 SecureRandom random = new SecureRandom();
 // Deprecated: byte[] iv = random.getSeed(16);
 byte[] iv = random.generateSeed(16);
 System.out.println(i);
}


The code runs smoothly on Windows,  but hangs on Linux. I found out that with Java 5 or later, you need to run your application with the following parameter:

-Djava.security.egd=file:/dev/./urandom


Alternatively, you can modify the file jre/lib/security/java.security so that the following property is set permanently:

securerandom.source=file:/dev/./urandom


This applies to JRE 5, JRE 6 and JRE 7.

By the way: In Java 1.4, the default setting is /dev/random, which tends to block if there is no I/O action. Changing the setting to /dev/urandom (as above) fixes the issue here.

For further information, have a look at this bug report.

One thought on “Java’s SecureRandom.generateSeed() on Linux”

Leave a Reply

Your email address will not be published. Required fields are marked *