Flip default for --weak-random

author: Lars Wirzenius <liw@liw.fi> 2016-08-12 14:31:01 +0300
committer: Lars Wirzenius <liw@liw.fi> 2016-08-12 14:31:01 +0300
commit: f45fb5a10640399959f5d6d4d730da168aaad678 (patch)
tree: 51dac66b44e1fa2e3498f044a798210f832b23f1
parent: 3cd5e6152846164bbd7e99432db61558535b8db6 (diff)
download: obnam-f45fb5a10640399959f5d6d4d730da168aaad678.tar.gz
2 files changed, 7 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 2dff53bb..bec96a03 100644
--- a/NEWS
+++ b/NEWS
@@ -25,6 +25,12 @@ Version 1.20, not yet released
 * Remi Rampin started updating and continuing the French translation
   of the Obnam manual.
 
+* Lars Wirzenius changed the default so that Obnam reads random data
+  when creating encryption key from `/dev/urandom` instead of
+  `/dev/random`. The goal is to make it less likely that Obnam stops
+  at the key generation stage on machines with little entropy. Set
+  `weak-random = no` in your configuration to override this.
+
 Minor changes:
 
 * Lars Wirzenius changed `obnam forget` so that if there is nothing to
diff --git a/obnamlib/plugins/encryption_plugin.py b/obnamlib/plugins/encryption_plugin.py
index 8c8eecf3..4d811980 100644
--- a/obnamlib/plugins/encryption_plugin.py
+++ b/obnamlib/plugins/encryption_plugin.py
@@ -39,6 +39,7 @@ class EncryptionPlugin(obnamlib.ObnamPlugin):
             ['weak-random'],
             'use /dev/urandom instead of /dev/random '
             'to generate symmetric keys',
+            default=True,
             group=encryption_group)
         self.app.settings.boolean(
             ['key-details'],
author	Lars Wirzenius <liw@liw.fi>	2016-08-12 14:31:01 +0300
committer	Lars Wirzenius <liw@liw.fi>	2016-08-12 14:31:01 +0300
commit	f45fb5a10640399959f5d6d4d730da168aaad678 (patch)
tree	51dac66b44e1fa2e3498f044a798210f832b23f1
parent	3cd5e6152846164bbd7e99432db61558535b8db6 (diff)
download	obnam-f45fb5a10640399959f5d6d4d730da168aaad678.tar.gz