--- Begin Message ---
Subject: |
/dev/urandom not seeded across reboots |
Date: |
Mon, 23 May 2016 13:58:32 -0400 |
User-agent: |
Mutt/1.6.0 (2016-04-01) |
I realized that we don't seem to be saving any of the entropy in the
kernel's random pool [0] across reboots.
This means that for some period after boot, /dev/urandom may not be safe
to use. From random(4):
---
If a seed file is saved across reboots as recommended below (all major
Linux distributions have done this since 2000 at least),
[/dev/urandom's] output is cryptographically secure against attackers
without local root access as soon as it is reloaded in the boot
sequence, and perfectly adequate for network encryption session keys.
---
I interpret that text to mean that, without use of a seed file,
urandom's output is *not* adequate for network encryption session keys
(SSH, TLS, etc) until enough entropy has been gathered. I don't know how
long that takes.
I've attached my not-yet-working attempt at a urandom-seed-service. I
tried to get it working on my own but I need the assistance of some more
experienced Guix hackers :)
I've also attached a stand-alone Guile script to illustrate what the
effect of the service should be. This script does seem to work. I'm sure
the use of shell tools could be replaced by Guile.
After applying my patch and attempting `guix system vm ...`, I get the
attached backtrace.
Does anyone have advice about the service? Am I wrong that we need to
seed /dev/urandom to make it work properly?
[0] See the man page for random(4).
random.scm
Description: Text document
urandom-seed.patch
Description: Text Data
backtrace
Description: Text document
--- End Message ---
--- Begin Message ---
Subject: |
Re: bug#23605: /dev/urandom not seeded across reboots |
Date: |
Sat, 28 May 2016 20:04:31 -0400 |
User-agent: |
Mutt/1.6.0 (2016-04-01) |
On Sat, May 28, 2016 at 08:00:58PM -0400, Leo Famulari wrote:
> On Sat, May 28, 2016 at 10:53:08PM +0200, Ludovic Courtès wrote:
> >
> > OK with these changes.
>
> Done as a535e12226!
--- End Message ---