Bug#760029: systemd: doesn't initialise RANDOM_SEED upon installation
Raphael Geissert
geissert at debian.org
Thu Feb 18 19:40:54 GMT 2016
Hi,
On 5 February 2016 at 00:08, Martin Pitt <mpitt at debian.org> wrote:
> Raphael Geissert [2016-02-04 23:20 +0100]:
>> Given that systemd-random-seed writes to urandom, it only adds data to
>> the input pools. It does not attempt to alter the kernel's entropy
>> estimate, which would be done by using the RNDADDENTROPY ioctl.
>>
>> Having an identical random-seed from systemd should not be any worse
>> than not having one, pretty much as it should not be any worse for
>> some random process running as "nobody" writing 0s to u/random.
>
> I'm afraid I need some more convincing about this. The point of
> saving/restoring the seed on shutdown/boot is to add "good" entropy to
> the RNG. I know that by adding zeros to the pool you don't actually
> make the resulting numbers worse, but the point I'm really not sure
> about: doesn't adding a seed also increase the pool size? I. e. my
> concern is, if you inject a "bad" (because copied) seed, wouldn't that
> make /dev/random block less, or not at all?
No, it doesn't alter the kernel's entropy estimate, which is what
determines whether the random device should block.
Cf. https://sources.debian.net/src/linux/3.2.65-1/drivers/char/random.c/#L1276
random_write doesn't call credit_entropy_bits)
In other words, the seed that is loaded at boot time can only help the
randomness of the random device, but not its estimate and therefore
not its "blockingness".
> I think a much better answer than creating it in the postinst (where
> *both* the current RNG state *and* the eventual fate of that file are
> totally unknown) is to create the seed in d-i in finish-install, when
> the system ran long enough. Similarly, cloud-init could use pollinate
> or a similar technology to snitch some entropy from the host. In
> general, IMHO the right thing is to do this per machine/instance, not
> per image.
This would indeed be great and it could be done in addition to the
current proposal.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
More information about the Pkg-systemd-maintainers
mailing list