[systemd-devel] Why we need to read/save random seed?
Cristian Rodríguez
cristian.rodriguez at opensuse.org
Mon Jun 15 09:19:20 PDT 2015
On Mon, Jun 15, 2015 at 12:33 PM, cee1 <fykcee1 at gmail.com> wrote:
> Hi,
>
> I may have gotten confused.
>
> First, systemd-random-seed.service will save a "seed" from
> /dev/urandom when shutdown, and load that "seed" to /dev/urandom when
> next boot up.
>
> My questions are:
> 1. Can we not save a seed, but load a seed that is read from **
> /dev/random ** to ** /dev/urandom **?
No, at boot you do not have enough entropy to begin with.
> 2. Saving a seed on disk, and someone reads the content of it later,
> will this make the "urandom" predictable?
Yes, that's why the file is only readable by root.
> Talking about /dev/random, it consumes an internal entropy pool, some
> system events (disk reading/page fault, etc.) enlarge this pool, am I
> right?
See this article http://www.2uo.de/myths-about-urandom/
> And write to /dev/random will mix the input data into the pool, but
> not enlarge it, right?
It is up to the kernel to "credit" the data written to it as entropy (or not).
> What benefits can it get when only mix data
> but not enlarge the entropy pool?
The data written to it may be predictable.
> 3.16+ will mix data from HWRNG, does it also enlarge the entropy pool?
Yes, but it might not be given "credit" depending on what the source is.
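
An added example, not part of the original message and not systemd code: it contrasts a plain write to /dev/urandom (mixed in, nothing credited) with the Linux RNDADDENTROPY ioctl from <linux/random.h> (mixed in and credited, needs CAP_SYS_ADMIN), and checks that a saved seed file is closed to non-root users. The function names and the seed path argument are hypothetical.

```python
import fcntl
import os
import stat
import struct

# _IOW('R', 0x03, int[2]) from <linux/random.h>
RNDADDENTROPY = 0x40085203

def seed_file_findings(path, expected_uid=0):
    """Return reasons the saved seed could be read or replaced by non-root."""
    st = os.stat(path)
    findings = []
    if st.st_uid != expected_uid:
        findings.append(f"owner uid {st.st_uid}, expected {expected_uid}")
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"mode {stat.S_IMODE(st.st_mode):04o} grants group/other access")
    return findings

def pack_rand_pool_info(data, credit_bits):
    """Build struct rand_pool_info {int entropy_count; int buf_size; buf[]}."""
    if not 0 <= credit_bits <= 8 * len(data):  # sanity check added in this example
        raise ValueError("cannot credit more bits than were supplied")
    return struct.pack("ii", credit_bits, len(data)) + data

def mix_only(data, dev="/dev/urandom"):
    """Plain write: the data is mixed into the pool, no entropy is credited."""
    with open(dev, "wb", buffering=0) as f:
        return f.write(data)

def mix_and_credit(data, credit_bits, dev="/dev/urandom"):
    """RNDADDENTROPY: mix and credit; the kernel refuses without CAP_SYS_ADMIN."""
    fd = os.open(dev, os.O_WRONLY)
    try:
        fcntl.ioctl(fd, RNDADDENTROPY, pack_rand_pool_info(data, credit_bits))
    finally:
        os.close(fd)

if __name__ == "__main__":
    sample = bytes(range(64))  # constructed, predictable input: credit 0 bits
    print("mixed", mix_only(sample), "bytes, credited 0 bits")
    try:
        mix_and_credit(sample, 0)
        print("RNDADDENTROPY accepted (running with CAP_SYS_ADMIN)")
    except PermissionError:
        print("RNDADDENTROPY refused: crediting needs CAP_SYS_ADMIN")
```
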