[systemd-devel] Why we need to read/save random seed?

cee1 fykcee1 at gmail.com
Sun Jun 28 04:48:31 PDT 2015


2015-06-15 0:43 GMT+08:00 Greg KH <gregkh at linuxfoundation.org>:
> On Sun, Jun 14, 2015 at 12:49:55PM -0300, Cristian Rodríguez wrote:
>>
>> El jun. 14, 2015 10:21, "cee1" <fykcee1 at gmail.com> escribió:
>> >
>> > Hi all,
>> >
>> > Why we need to read/save random seed? Can it be read from /dev/random each
>> time?
>>
>> Because the kernel is borked and still needs to be fed entropy at system
>> startup by user space. Please read the random man page.
>>
>> I agree we shouldn't have to do this at all..
>
> Really?  And how do you suggest we "fix" the kernel when the hardware
> itself doesn't provide us with a proper random number "seed" in the
> first place?  What do you suggest we do instead?

It seems that in 4.2, the kernel will use the Jitter Entropy Random Number
Generator to seed other random number generator(s):
http://www.phoronix.com/scan.php?page=news_item&px=Linux-4.2-Crypto-Akcipher-PKE

And from https://www.kernel.org/doc/ols/2014/ols2014-mueller.pdf, p24:
"""
The random number generator shall not require a seeding with data from
previous instances of the random number generator.
"""

That means we can get rid of systemd-random-seed.service, starting from 4.2.



-- 
Regards,

- cee1
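
The save/restore cycle the thread is arguing about, as an added example that is not code from the thread or from systemd: a portable sh version of the pattern that systemd-random-seed.service implements and that the random(4) man page describes. SEED_FILE is an assumed placeholder path (override it in the environment), and the fallback seed size of 512 bytes is an assumption for hosts without /proc/sys. The comments record the point that makes the seed file security-relevant: bytes written to /dev/urandom are mixed into the pool but are not credited as entropy (only the RNDADDENTROPY ioctl, as root, does that), so the file must stay unreadable by other users and be replaced immediately after it is consumed rather than fed in twice or cloned into images.

```shell
#!/bin/sh
# Added example, not code from the thread or from systemd: the seed
# save/restore cycle performed by systemd-random-seed.service, written in
# the style of the script in random(4). SEED_FILE is an assumed placeholder.

SEED_FILE="${SEED_FILE:-/var/lib/random-seed.example}"

# Seed size in bytes: the kernel's pool size (reported in bits), or an assumed
# 512 bytes when /proc/sys is unavailable (e.g. inside a minimal container).
seed_size() {
    poolfile=/proc/sys/kernel/random/poolsize
    if [ -r "$poolfile" ]; then
        bits=$(cat "$poolfile")
        echo $(( bits / 8 ))
    else
        echo 512
    fi
}

# Boot: feed the saved seed back to the kernel.
# Returns 0 on success, 1 if no seed file exists, 2 if the device refuses it.
# Writing to /dev/urandom mixes the bytes into the pool but does not raise the
# kernel's entropy estimate; only the RNDADDENTROPY ioctl (root) credits entropy.
load_seed() {
    [ -f "$SEED_FILE" ] || return 1
    if cat "$SEED_FILE" > /dev/urandom 2>/dev/null; then
        return 0
    fi
    return 2
}

# Shutdown, and immediately after loading: write a fresh seed with mode 0600 so
# the bytes fed in on the next boot are not readable by other local users.
# Creating the file under a restrictive umask (in a subshell, so the caller's
# umask is untouched) avoids a window where a world-readable file exists.
save_seed() {
    bytes=$(seed_size)
    ( umask 077; dd if=/dev/urandom of="$SEED_FILE" bs="$bytes" count=1 2>/dev/null ) || return 1
    chmod 600 "$SEED_FILE"
}

# Health check for a boot script: the seed file exists, has the expected size,
# and is exactly mode 0600.
seed_file_ok() {
    [ -f "$SEED_FILE" ] || return 1
    actual=$(wc -c < "$SEED_FILE" | tr -d ' ')
    [ "$actual" -eq "$(seed_size)" ] || return 1
    [ -n "$(find "$SEED_FILE" -perm 600)" ] || return 1
}

# Stand-alone run (`sh seed.sh run`): restore, then immediately replace the
# seed so the same bytes are never fed in twice (e.g. after a crash reboot).
if [ "${1:-}" = "run" ]; then
    load_seed; rc=$?
    [ "$rc" -eq 1 ] && echo "no previous seed at $SEED_FILE"
    save_seed && echo "saved $(seed_size) bytes to $SEED_FILE"
fi
```

Run it as `SEED_FILE=/tmp/seed sh seed.sh run` twice: the first run reports that no seed exists and creates one, the second consumes and replaces it. The permission check in seed_file_ok is the part worth keeping in a real boot script: a seed file that another user can read tells them exactly what was mixed into the pool at boot.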

