[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#23605: /dev/urandom not seeded across reboots

From: Leo Famulari
Subject: bug#23605: /dev/urandom not seeded across reboots
Date: Mon, 23 May 2016 13:58:32 -0400
User-agent: Mutt/1.6.0 (2016-04-01)

I realized that we don't seem to be saving any of the entropy in the
kernel's random pool [0] across reboots.

This means that for some period after boot, /dev/urandom may not be safe
to use. From random(4):

If  a seed file is saved across reboots as recommended below (all major
Linux distributions have done this since 2000 at least),
[/dev/urandom's] output is cryptographically  secure against  attackers
without  local  root access as soon as it is reloaded in the boot
sequence, and perfectly adequate for network encryption session  keys.

I interpret that text to mean that, without use of a seed file,
urandom's output is *not* adequate for network encryption session keys
(SSH, TLS, etc) until enough entropy has been gathered. I don't know how
long that takes.

I've attached my not-yet-working attempt at a urandom-seed-service. I
tried to get it working on my own but I need the assistance of some more
experienced Guix hackers :)

I've also attached a stand-alone Guile script to illustrate what the
effect of the service should be. This script does seem to work. I'm sure
the use of shell tools could be replaced by Guile.

After applying my patch and attempting `guix system vm ...`, I get the
attached backtrace.

Does anyone have advice about the service? Am I wrong that we need to
seed /dev/urandom to make it work properly?

[0] See the man page for random(4).

Attachment: random.scm
Description: Text document

Attachment: urandom-seed.patch
Description: Text Data

Attachment: backtrace
Description: Text document

reply via email to

[Prev in Thread] Current Thread [Next in Thread]