[pkg-cryptsetup-devel] Bug#728197: Bug#728197: Low entropy for encrypted swap partition
Guilhem Moulin
guilhem at guilhem.org
Fri Sep 16 18:41:29 UTC 2016
On Tue, 29 Oct 2013 at 13:09:08 +0100, Milan Kral wrote
> The problem is that in /etc/rcS.d the scripts S07cryptdisks-early,
> S09cryptdisks are run before S13urandom. We are trying to read from
> /dev/urandom before the Linux random number generator is properly
> seeded. This can lead to predictable encryption key for the swap
> partition.
That's problematic, indeed. For the record, the situation doesn't seem
to be better with systemd:
Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
[…]
Sep 16 18:35:40 debian systemd[1]: Found device /dev/vda1.
Sep 16 18:35:40 debian systemd[1]: Starting Cryptography Setup for swap...
Sep 16 18:35:41 debian kernel: device-mapper: uevent: version 1.0.3
Sep 16 18:35:41 debian systemd-cryptsetup[518]: Set cipher aes, mode xts-plain64, key size 256 bits for device /dev/vda1.
Sep 16 18:35:41 debian mkswap[576]: Setting up swapspace version 1, size = 64 MiB (67072000 bytes)
Sep 16 18:35:41 debian mkswap[576]: no label, UUID=eca1d0f8-e1da-4ed6-867c-86c4bfca92f5
Sep 16 18:35:41 debian systemd[1]: Started Cryptography Setup for swap.
Sep 16 18:35:41 debian systemd[1]: Reached target Encrypted Volumes.
Sep 16 18:35:41 debian systemd[1]: Found device /dev/mapper/swap.
Sep 16 18:35:41 debian systemd[1]: Activating swap /dev/mapper/swap...
Sep 16 18:35:41 debian systemd[1]: Activated swap /dev/mapper/swap.
Sep 16 18:35:41 debian systemd[1]: Reached target Swap.
Sep 16 18:35:41 debian kernel: Adding 65500k swap on /dev/mapper/swap. Priority:-1 extents:1 across:65500k FS
[…]
Sep 16 18:35:44 debian login[662]: ROOT LOGIN on '/dev/tty1'
Sep 16 18:35:48 debian kernel: random: nonblocking pool is initialized
(Note the “random: nonblocking pool is initialized” at the very end,
long after initializing swap, even after login.)
--
Guilhem.
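One way to turn the ordering problem above into a check, as an added example that is not part of this report or of the cryptsetup package: walk a journal excerpt in order, note the kernel's "pool initialized" line, and list every "uninitialized urandom read" and every systemd-cryptsetup key setup that precedes it. The regexes are written against the message wording shown in the log above; the alternative "crng init done" wording and the shorter "uninitialized urandom read" form are the ones later kernels print, and the sample lines are copied from the report. The `pool_seeded_now()` helper is a separate, runtime check that uses the non-blocking form of getrandom(2), which is the interface early-boot key generation should use instead of /dev/urandom because it blocks until the pool is seeded.

```python
"""Flag urandom consumers that ran before the kernel reported its pool seeded.
Added example; not code from the bug report or from the cryptsetup package."""
import os
import re
from dataclasses import dataclass, field
from typing import List, Optional

# journalctl/syslog-style prefix: "Sep 16 18:35:40 debian kernel: ..."
PREFIX = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d\d:\d\d:\d\d)\s+(?P<host>\S+)\s+(?P<msg>.*)$"
)
# Wording in the report (4.7 and earlier) plus the "crng init done" wording of later kernels.
POOL_READY = re.compile(r"kernel: random: (?:nonblocking pool is initialized|crng init done)")
# The ", N bits of entropy available" suffix is absent on later kernels, hence optional.
UNINIT_READ = re.compile(
    r"kernel: random: (?P<proc>[^:]+): uninitialized urandom read "
    r"\((?P<nbytes>\d+) bytes read(?:, (?P<bits>\d+) bits of entropy available)?\)"
)
# systemd-cryptsetup's line for a plain-mode mapping such as random-keyed swap.
KEY_SETUP = re.compile(
    r"systemd-cryptsetup\[\d+\]: Set cipher (?P<cipher>\S+), mode (?P<mode>\S+), "
    r"key size (?P<bits>\d+) bits for device (?P<dev>\S+)\."
)


@dataclass
class Finding:
    ts: str
    proc: str
    detail: str


@dataclass
class Report:
    pool_ready_at: Optional[str] = None          # None: pool never reported seeded in the excerpt
    early_reads: List[Finding] = field(default_factory=list)
    early_key_setups: List[Finding] = field(default_factory=list)


def audit_boot_log(lines):
    """Record urandom reads and dm-crypt key setups that precede the pool-seeded
    message.  Ordering is by position in the (time-ordered) journal, not by the
    1-second timestamps, which cannot separate events within the same second."""
    report = Report()
    for raw in lines:
        m = PREFIX.match(raw.strip())
        if not m:
            continue                              # "[…]" and other non-log lines
        ts, msg = m.group("ts"), m.group("msg")
        if POOL_READY.search(msg):
            report.pool_ready_at = ts
            break                                 # everything after this saw a seeded pool
        r = UNINIT_READ.search(msg)
        if r:
            report.early_reads.append(Finding(ts, r.group("proc"), f"{r.group('nbytes')} bytes"))
            continue
        k = KEY_SETUP.search(msg)
        if k:
            detail = f"{k.group('dev')} {k.group('cipher')}-{k.group('mode')} {k.group('bits')}-bit"
            report.early_key_setups.append(Finding(ts, "systemd-cryptsetup", detail))
    return report


def pool_seeded_now():
    """True/False from getrandom(2) with GRND_NONBLOCK; None where the call is
    unavailable (non-Linux, or Python without os.getrandom).  EAGAIN means the
    pool is not yet seeded, which /dev/urandom would silently hide."""
    if not hasattr(os, "getrandom"):
        return None
    try:
        os.getrandom(1, os.GRND_NONBLOCK)
        return True
    except BlockingIOError:
        return False


# Sample excerpt: lines copied from the journal quoted in the report above.
SAMPLE_LOG = """\
Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
[…]
Sep 16 18:35:40 debian systemd[1]: Starting Cryptography Setup for swap...
Sep 16 18:35:41 debian systemd-cryptsetup[518]: Set cipher aes, mode xts-plain64, key size 256 bits for device /dev/vda1.
Sep 16 18:35:41 debian systemd[1]: Activated swap /dev/mapper/swap.
Sep 16 18:35:44 debian login[662]: ROOT LOGIN on '/dev/tty1'
Sep 16 18:35:48 debian kernel: random: nonblocking pool is initialized
""".splitlines()

if __name__ == "__main__":
    rep = audit_boot_log(SAMPLE_LOG)
    print("pool seeded at:", rep.pool_ready_at)
    for f in rep.early_reads:
        print(f"EARLY READ  {f.ts} {f.proc}: {f.detail}")
    for f in rep.early_key_setups:
        print(f"EARLY KEY   {f.ts} {f.proc}: {f.detail}")
    print("pool seeded on this host right now:", pool_seeded_now())
```

Run it against `journalctl -k -b` output (or the full `journalctl -b` so the systemd-cryptsetup lines are included); any entry under EARLY KEY is a swap or tmp key derived from an unseeded pool. The getrandom(2) check is the runtime counterpart: a key-generating unit that calls the blocking form simply waits for the seed instead of proceeding with whatever /dev/urandom hands out.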