[147829] in cryptography@c2.net mail archive
Re: [Cryptography] /dev/random is not robust
daemon@ATHENA.MIT.EDU (Alon Ziv)
Thu Oct 24 10:51:47 2013
X-Original-To: cryptography@metzdowd.com
To: cryptography@metzdowd.com
From: Alon Ziv <alon-lk@nolaviz.org>
Date: Thu, 24 Oct 2013 05:06:16 +0000 (UTC)
X-Complaints-To: usenet@ger.gmane.org
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
Theodore Ts'o <tytso <at> mit.edu> writes:
>
> On Thu, Oct 17, 2013 at 01:05:52PM -0400, Kent Borg wrote:
> >
> > There are certainly larger system issues, and anyone doing
> > auto-provisioning of servers and generating keys before any entropy
> > has accumulated could get burned. Though to be fair to /dev/random,
> > isn't this a larger Linux distribution issue? Don't automatically
> > generate keys on first boot. RNGs that need seed data should not be
> > run empty.
>
> The major problem which could be considered a "Linux distribution
> issue" is ssh host key generation, which is done by the boot scripts
> if the ssh host keys do not exist. It would be much better if this
> was done on the first TCP connection to the ssh server, but that would
> require changes to sshd.
Can't this be solved (in some distros at least...) by switching SSHD to use
on-demand activation (a la inetd / systemd)? [I know the SSHD manpage claims
this is inadvisable, but I suspect the reason - response "may take tens of
seconds" - is decades out of date even for small devices...]
-a
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
