[systemd-devel] Why we need to read/save random seed?

cee1 fykcee1 at gmail.com
Wed Jun 17 05:21:47 PDT 2015


2015-06-17 16:40 GMT+08:00 Reindl Harald <h.reindl at thelounge.net>:
>
> Am 17.06.2015 um 05:06 schrieb cee1:
>>
>> 2015-06-16 0:21 GMT+08:00 Lennart Poettering <lennart at poettering.net>:
>>>
>>> On Mon, 15.06.15 23:33, cee1 (fykcee1 at gmail.com) wrote:
>>>>
>>>> Hi,
>>>>
>>>> I maybe got confused.
>>>>
>>>> First, systemd-random-seed.service will save a "seed" from
>>>> /dev/urandom at shutdown, and load that "seed" to /dev/urandom at
>>>> the next boot.
>>>>
>>>> My questions are:
>>>> 1. Can we not save a seed, but load a seed that is read from **
>>>> /dev/random ** to ** /dev/urandom **?
>>>
>>>
>>> The seed is used for both. Then you'd feed the stuff you got from the
>>> RNG back into the RNG which is a pointless exercise.
>>
>>
>> systemd-random-seed.service will load the "seed on disk" to
>> /dev/urandom, and save a "seed" to disk at shutdown, right?
>>
>> The article at http://www.2uo.de/myths-about-urandom/ suggests that we
>> save the seed as soon as there is enough entropy (meaning read from
>> /dev/random? If it returns, there's enough entropy),
>
>
> well, so you read the seed and inject it to /dev/random followed by read
> /dev/random and overwrite the seed for the next boot - doesn't sound that
> good

What I mean is:
1. Load a saved seed to /dev/urandom.
2. The service reads /dev/random, which will block until the kernel thinks
there's enough entropy - then the Random Number should be good?
3. Save the random number returned in step 2 on disk.



-- 
Regards,

- cee1
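
The three steps listed in the message above, written out as an added example that is not part of the original post and is not systemd's code. The function name `seed_cycle`, its arguments and the default size are assumptions; the device paths are parameters so the sequence can be exercised against ordinary files.

```shell
#!/bin/sh
# Added illustration, not systemd code. seed_cycle and its arguments are
# hypothetical names.
#   $1 seed file on disk
#   $2 where the old seed is written (/dev/urandom on a real system)
#   $3 where new bytes are read from (/dev/random in the message above)
#   $4 seed size in bytes (default 512, an assumed value)
seed_cycle() {
    seed_file=$1
    pool_write=$2
    pool_read=$3
    size=${4:-512}
    tmp="$seed_file.new.$$"

    # Step 1: load the saved seed. A plain write to /dev/urandom mixes the
    # bytes into the pool but credits no entropy.
    if [ -s "$seed_file" ]; then
        cat "$seed_file" > "$pool_write" || return 1
    fi

    # Step 2: read the new seed. On /dev/random this is the read that can
    # block. head -c keeps reading across short reads; the umask in the
    # subshell keeps the new file private to its owner.
    ( umask 077; head -c "$size" "$pool_read" > "$tmp" ) || {
        rm -f "$tmp"
        return 1
    }

    # A truncated seed must never replace a good one.
    got=$(($(wc -c < "$tmp")))
    if [ "$got" -ne "$size" ]; then
        rm -f "$tmp"
        return 1
    fi

    # Step 3: save with a rename, so a crash leaves either the old seed or
    # the new one on disk, never a partial file.
    mv -f "$tmp" "$seed_file"
}
```

On a real system the call would be `seed_cycle /path/to/seed /dev/urandom /dev/random`, with the seed path chosen by the administrator.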

