[147721] in cryptography@c2.net mail archive
Re: [Cryptography] /dev/random is not robust
daemon@ATHENA.MIT.EDU (Theodore Ts'o)
Thu Oct 17 21:27:59 2013
X-Original-To: cryptography@metzdowd.com
Date: Thu, 17 Oct 2013 17:29:52 -0400
From: Theodore Ts'o <tytso@mit.edu>
To: David Mercer <radix42@gmail.com>
In-Reply-To: <CADpjbE2UZPp9=boxoSNhN2E3Dn71CgWJvJ=NPFcOWP9+mSGkxg@mail.gmail.com>
X-SA-Exim-Mail-From: tytso@thunk.org
Cc: Cryptography Mailing List <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On Fri, Oct 18, 2013 at 03:43:08AM +0800, David Mercer wrote:
>
> Sometime in the last two months I described the somewhat widespread issue
> at VM hosting/cloud providers of provisioning VM's with the same
> /dev/urandom seed from the image template. firstboot scripts typically only
> get run at image generation, and then the urandom seed is frozen in amber,
> as it were, in the VM image template file. It is a fairly trivial fix to
> re-seed it from /dev/random (one line in the right place).
Yeah, there are some people (including Dustin Kirkland at Canonical)
working on automated provisioning of random seeds from the hypervisor
to the guest kernels.
If you are compiling your own guest kernel, and the hypervisor
supports it, using virtio-rng which allows the guest to use the host
OS's /dev/random to bootstrap its local entropy pool is almost
certainly the Right Thing.
Cheers,
- Ted
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
