Hey Mike. Welcome to IOTA!
It’s probably good enough. I have a minor concern that this approach may over-emphasise certain characters if the CSPRNG isn’t implemented properly, but in modern OSes, it’s probably not an issue.
An approach that I would prefer to use requires a bit of Python and can be found here:
Here’s a breakdown of what the command does:
cat /dev/urandom | LC_ALL=C tr -dc 'A-Z9' | fold -w 81 | head -n 1
/dev/urandom on macOS is what’s known as a CSPRNG (cryptographically-secure pseudo-random number generator). This means that it is safe to use in situations where you need to generate random numbers in a way that is extremely difficult for an attacker to guess or replicate the result.
cat /dev/urandom instructs the system to read a stream of random data. If you were to run this command by itself, it would stream random bytes to your terminal endlessly until you press ctrl-c
LC_ALL=C tr -dc 'A-Z9'
This command will strip out any bytes that aren’t uppercase letters or the number 9.
This part makes me a tad bit nervous, but it’s probably OK.
I’m always VERY paranoid about filtering the result of a RNG — you’ve now introduced a decidedly deterministic element into the process which might in some cases allow an attacker to differentiate the result from a truly “random” one.
For example, it might be that
/dev/urandom on your system tends to output, say, the letter ‘K’ a little more often than any other letter. Normally, the result is indistinguishable from a truly random result. However, if you strip out all non-letter values, the pattern becomes more recognisable.
fold -w 81 | head -n 1
This command inserts a newline every 81 characters, then returns just the first line. The end result is an 81-character string.
Depending on your system, you may be able to combine these two into one command:
head -c 81.