[systemd-devel] Delaying (SSH) key generation until the urandom pool is initialized
Reindl Harald
h.reindl at thelounge.net
Fri Jun 6 02:54:11 PDT 2014
Am 06.06.2014 11:50, schrieb Florian Weimer:
> On 05/05/2014 04:35 PM, Lennart Poettering wrote:
>> Hmm? Well, a virtualized OS has to trust the hypervisor, there's no way
>> around that.
>
> I'm referring to this:
>
> * This function will use the architecture-specific hardware random
> * number generator if it is available. The arch-specific hw RNG will
> * almost certainly be faster than what we can do in software, but it
> * is impossible to verify that it is implemented securely (as
> * opposed, to, say, the AES encryption of a sequence number using a
> * key known by the NSA). So it's useful if we need the speed, but
> * only if we're willing to trust the hardware manufacturer not to
> * have put in a back door.
>
> I think this is the reason why the pool isn't considered initialized even if its contents has been randomized with
> RDRAND or similar instructions.
>
> I wouldn't be surprised if these minds have a similar concern about randomness coming from a hypervisor
if you don't trust the underlying hardware and hypervisor you
are lost in any case, that's a battle you can't win and in
that context the random numbers are your smallest problem
at all
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freedesktop.org/archives/systemd-devel/attachments/20140606/b84a967f/attachment.sig>
More information about the systemd-devel
mailing list