From f45fb5a10640399959f5d6d4d730da168aaad678 Mon Sep 17 00:00:00 2001
From: Lars Wirzenius <liw@liw.fi>
Date: Fri, 12 Aug 2016 14:31:01 +0300
Subject: Flip default for --weak-random

---
 NEWS                                  | 6 ++++++
 obnamlib/plugins/encryption_plugin.py | 1 +
 2 files changed, 7 insertions(+)

diff --git a/NEWS b/NEWS
index 2dff53bb..bec96a03 100644
--- a/NEWS
+++ b/NEWS
@@ -25,6 +25,12 @@ Version 1.20, not yet released
 * Remi Rampin started updating and continuing the French translation
   of the Obnam manual.
 
+* Lars Wirzenius changed the default so that Obnam reads random data
+  when creating encryption key from `/dev/urandom` instead of
+  `/dev/random`. The goal is to make it less likely that Obnam stops
+  at the key generation stage on machines with little entropy. Set
+  `weak-random = no` in your configuration to override this.
+
 Minor changes:
 
 * Lars Wirzenius changed `obnam forget` so that if there is nothing to
diff --git a/obnamlib/plugins/encryption_plugin.py b/obnamlib/plugins/encryption_plugin.py
index 8c8eecf3..4d811980 100644
--- a/obnamlib/plugins/encryption_plugin.py
+++ b/obnamlib/plugins/encryption_plugin.py
@@ -39,6 +39,7 @@ class EncryptionPlugin(obnamlib.ObnamPlugin):
             ['weak-random'],
             'use /dev/urandom instead of /dev/random '
             'to generate symmetric keys',
+            default=True,
             group=encryption_group)
         self.app.settings.boolean(
             ['key-details'],
-- 
cgit v1.2.1