How to serve /dev/urandom over http?

Hello,

Can anyone recommend me a way of serving /dev/urandom over http?

I tried using caddy for this but the server is too stupid to read data from this pseudo device, it just sends empty 0 byte file.

Also I’d prefer a simple cmd one liner (thats why I tried to use caddy for this in the first place)

Not a one liner, but it’d be easy to use Python flask library to write a handler for a url that copies data from an openfile into the result, or actually you could generate random data.

There’s also darkhttpd - give that a try.

May I ask, what is the point in serving /dev/urandom via HTTP?
First of, I think technically it should be impossible, because /dev/urandom is a continous hash-derived CSPRNG, which is just fancy words for basically an endless stream of (pseudo-random) numbers.
HTTP can only deal with fixed-length data*.
You can use HTTP multipart to basically stream endless data. You still have to define a “block size”, at which point you could also just server “parts of” /dev/urandom.

Which is my guess as to what you’re trying to do - have some kind of API to get pseudo-random data, in blocks.

You could implement this a million different ways, but here’s a simple Bash CGI script.
You can run this, if you’ve got busybox installed, by creating a directory called cgi-bin, copying this script to a file there(e.g. random.sh) and make it executable, then running e.g. busybox httpd -vv -f -p 8080 and navigating your webbrowser to http://127.0.0.1:8080/cgi-bin/random.sh.

#!/bin/bash
set -eux

# set the number of bytes returned below:
BYTES="1024"

echo "Content-Type: application/octet-stream"
echo
head -q -c "${BYTES}" /dev/urandom

Still, this is hardly ever useful - You’re almost always better of using the built-in APIs to get random numbers.
This will be faster, more secure, and won’t cost your users traffic.

EDIT: You want a one-liner, huh?
mkdir -p cgi-bin && echo -e "#\x21/bin/bash\\necho -e \"Content-Type: application/octet-stream\\\\n\"\nhead -qc 1024 /dev/urandom" > cgi-bin/random.sh && chmod u+x cgi-bin/random.sh && busybox httpd -vvfp 8080
(This is technically one line. Well, maybe if you have an ultra-wide monitor, or disabled automatic line breaks :stuck_out_tongue: )

2 Likes

Is there no way to generate pseudorandom numbers from the client device? Must it come from the server itself?

1 Like

I’ve used Flask once to stream logs. Had to create a generator. Since its just a stream of characters the process is probably similar.

Make a site in nginx or apache an symlink index.html to /dev/urandom.

Why do you need this? There are easier ways of generating pseudo random streams. For example let a client and server agree on some randomsseed and run the generation locally.