Will python SystemRandom / os.urandom always have enough entropy for good crypto

Question

I have a password generator:

import random, string

def gen_pass():
    foo = random.SystemRandom()
    length = 64
    chars = string.letters + string.digit         


        

Answer 1

/dev/random/ will block on read if it needs more entropy. /dev/urandom/ won't. So yes, if you use it too fast you'll run low on entropy. Probably still quite hard to guess, of course, but if you're really concerned you can read bytes from /dev/random/ instead. Ideally, with a non-blocking read loop and a progress indicator so you can move the mouse around and generate entropy if needed.