
Deja Dup cannot back up a hidden file .rnd located in my home folder. It is a binary file about 1kB in size. When I try to open it in a text editor (gedit), I get an error message that there are invalid characters (UTF-8).

I know what .gnupg/rnd is, but this isn't .gnupg/rnd; it's just .rnd. Also, I haven't done anything that I can think of to create a gnupg key, at least not on purpose.

Anyone know what this baby is? I back up nightly and this file appeared a couple days ago. I have run update since then. I realize I could delete the file and see what happens, but I'd rather not go around kicking the tires on my machine if I don't have to.

Running Ubuntu 13.04, if that matters.

cshubhamrao
nbm

1 Answer


This file is used to seed the entropy when using cryptographic tools, e.g. OpenSSL. You can safely delete it and there's no need to back it up.

So, why do we have it then? On most systems we don't have a lot of activity we can use as a random source, and to speed up the process of generating random-enough cryptographic keys, this file contains previously collected random entropy, helping in seeding. So this file is not the sole source for entropy.

And because it contains raw random data, you can't open it with a text editor. It's simply not encoded within the standard character sets, so a text editor doesn't know how to display it.

It should be readable only by the user itself, in mode 0600. If it's owned by root, you have probably run some sudo commands which keep the $HOME variable set to your regular user account. Just remove the file in that case, I'd say, as the user itself should be able to update this file. See also:

  • manpage of rand(1):

    The rand command outputs num pseudo-random bytes after seeding the
    random number generator once.  As in other openssl command line tools,
    PRNG seeding uses the file $HOME/.rnd or .rnd in addition to the files
    given in the -rand option.  A new $HOME/.rnd or .rnd file will be
    written back if enough seeding was obtained from these sources.
    
  • OpenSSL FAQ: Why do I get a "PRNG not seeded" error message?

gertvdijk
  • So it is probably 0600 for security reasons and owned by root because some sudo command used rand(1). Doubt: wouldn't that interfere when a user command tries to use rand(1)? If rand(1) tries to read the file it will get EPERM --- I do not know if it's so smart as to delete it and recreate it as user... – Rmano Nov 20 '13 at 17:17
  • @Rmano Yeah, I guess so. It should be owned by the user itself. – gertvdijk Nov 20 '13 at 17:22
  • Interesting. I wonder if this was created when I stopped partway through configuring sendmail? Thanks for the informative response(s). I went ahead and deleted the file though I think Rmano has a good point; no adverse effects yet. – nbm Nov 21 '13 at 03:28
  • Anything that operates with OpenSSL could cause this. Sendmail will probably generate TLS certificates so that makes sense. However it should not appear in your homedir and could be considered a bug if you followed the Ubuntu/Debian package documentation. – gertvdijk Nov 21 '13 at 08:58
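
The ownership and mode condition described in the answer and the first comment can be checked with a short script. This is an added example, not part of the original thread; `check_rnd_file` is a hypothetical helper name, and `stat -c` assumes GNU coreutils as shipped on Ubuntu.

```shell
#!/bin/sh
# Added example: audit an OpenSSL seed file such as $HOME/.rnd.
# check_rnd_file is a hypothetical helper; stat -c requires GNU coreutils.

# Usage: check_rnd_file PATH [EXPECTED_UID]
# Prints one of: missing, not-regular, wrong-owner, loose-mode, ok
check_rnd_file() {
    path=$1
    want_uid=${2:-$(id -u)}

    # Test -L as well so a dangling symlink is not reported as "missing".
    if [ ! -e "$path" ] && [ ! -L "$path" ]; then
        echo missing
        return 0
    fi
    # A symlink or directory in this place is unexpected; do not follow it.
    if [ -L "$path" ] || [ ! -f "$path" ]; then
        echo not-regular
        return 0
    fi

    owner=$(stat -c '%u' "$path")   # numeric owner uid
    mode=$(stat -c '%a' "$path")    # octal permission bits, e.g. 600

    # Root-owned (or otherwise foreign) file: the user cannot update it.
    if [ "$owner" != "$want_uid" ]; then
        echo wrong-owner
        return 0
    fi
    # Accept owner-only modes such as 600; any group/other bit is flagged.
    case $mode in
        0|*00) echo ok ;;
        *)     echo loose-mode ;;
    esac
}

# Report on the invoking user's seed file.
rnd="${HOME:-/nonexistent}/.rnd"
echo "$rnd: $(check_rnd_file "$rnd")"
```

A `wrong-owner` result matches the root-owned case from the answer, where removing the file is the suggested fix.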