Dear all,

A quick question which I hope some of you kind people may be able to help me with.
My current project at work (Java development) requires a large number of random numbers, and neither java.util.Random or SecureRandom are random enough (legal reasons, I'm told.)
Therefore, we've been looking at other options and the best one we have found so far is PRNGD (http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html.)

I have installed it and have got it running on one of my development machines (Sun Netra with Solaris 8), and it is a daemon which listens for requests on a socket (either TCP or Unix) and then sends back streams of random bytes based on various entropy sources such as vmstat. I am now trying to write some code to connect to it and I have written a basic Java application which connects to the TCP socket and fetches numbers. However, this only works when I run the app on the same machine as the PRNGD daemon is running on. When I try it from another machine, the connection is always refused and port scanning shows that the port is not open. I have added an entry for prngd to my /etc/services like so -
prngd tcp/708
but I have not added an entry to /etc/inetd.conf.
Do I need to add one to inetd.conf as well?
I thought that not all network services needed to be served by inetd? Am I wrong?

Thanks in advance,

Angus

Hi Angus,

According to SUN, first 1024 ports are reserved and only root owned processes can provide service at these ports.

When adding a new service on a well-known port like this, you need to update /etc/services files on both machines, client as well as server. If you change while running, restart the machine or do /etc/init.d/inetsvc stop|start.

I do not know the prngd process. If this daemon process does not get started at boot time by any run control script, you would then have to take advantage of inetd process and in that case, you need to place an entry in /etc/inet/inetd.conf file so that inetd can monitor incoming service request at that port. If you change this file while running the machine, do not forget to send HUP signal to inetd process or do /etc/init.d/inetsvc stop|start.

You can also write a run control script so that this daemon process gets started at boot time and in that case, I do not think you need to use inetd process because inetd is intended to serve processes on demand basis which do not get started at boot time.

Hope this would help you.