[Bug 1098299] Re: entropy pool should be seeded earlier in boot process
John Denker
lp at av8n.com
Wed Nov 6 22:23:45 UTC 2013
I strongly agree with the main idea here:
"entropy pool should be seeded earlier in boot process"
Here are some numbers that quantify the magnitude
of the problem:
prior startup script            #bits
(mountall)                      18816
(mounted-run)                   21888
(sshd server)                   35616
(network-interface : lo)        55968
(network-interface : eth0)      68832
(urandom)                       79168
For details on what these numbers mean, see
http://www.av8n.com/computer/htm/secure-random.htm#sec-discuss
Steve Langasek (vorlon) wrote on 2013-05-17:
> I think we do want to translate /etc/init.d/urandom to an upstart job
Agreed! That will help a lot.
> not sure at present how to write it correctly
It's not hard. A very specific suggestion for how it might be done can
be found here:
http://www.av8n.com/cgit/cgit.cgi/init-urandom/
1) Add init/urandom.conf
2) Add init/urandom-save.conf
3) Remove all references to init.d/urandom from rc?.d/
4) Optionally add a factor of "urandom" to the startup conditions
in init/ssh.conf. This will make init/ssh.conf correspond more
closely to the old sysvinit init.d/ssh.
This (a) ports the urandom stuff to upstart, (b) initializes the PRNG
much earlier, and (c) does a better job of refreshing the stored
seed.
I am under no illusions that this initializes the PRNG early enough
in absolute terms ... but it is very very much earlier in relative
terms. It is a big step in the right direction.
In any case, porting it to upstart also improves things in a number
of ways.
Let me know if you have questions.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to sysvinit in Ubuntu.
https://bugs.launchpad.net/bugs/1098299
Title:
entropy pool should be seeded earlier in boot process
Status in “installation-report” package in Ubuntu:
In Progress
Status in “openssh” package in Ubuntu:
Fix Released
Status in “sysvinit” package in Ubuntu:
Won't Fix
Status in “ubiquity” package in Ubuntu:
Fix Released
Bug description:
Currently, the entropy pool is seeded by /etc/init.d/urandom. This
should be done earlier in the boot process by an upstart job, and
should be done before the ssh daemon is started.
Although the ssh keys are generated on package install, openssh uses
openssl's PRNG which is seeded on boot for ephemeral keys.
See https://factorable.net/weakkeys12.extended.pdf for more
information.
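The pair of upstart jobs that the four-step procedure in John Denker's message describes, written out as an added illustration; this is not the code from his init-urandom repository nor Ubuntu's shipped job. Assumptions: the seed file lives at /var/lib/urandom/random-seed as in the old init.d/urandom script, mountall's "filesystem" event is early enough and fires after /var is writable, /proc/sys/kernel/random/poolsize reports the pool size in bits (with a 4096-bit fallback), and "stopped urandom" is the event init/ssh.conf would wait on, since a task job signals completion by stopping.

```upstart
# ---- /etc/init/urandom.conf (hypothetical example, not Ubuntu's job) ----
description "seed the kernel random pool from the saved seed file"

# Run as soon as local filesystems are mounted, i.e. before any
# network-interface or sshd job. "filesystem" is the event mountall
# emits once all local filesystems are up (assumed here).
start on filesystem
task

script
    SAVEDFILE=/var/lib/urandom/random-seed
    # poolsize is reported in bits; size the seed file to match it.
    # 4096 bits (512 bytes) is the assumed fallback if the file is absent.
    POOLBYTES=$(( $(cat /proc/sys/kernel/random/poolsize 2>/dev/null || echo 4096) / 8 ))

    if [ -s "$SAVEDFILE" ]; then
        # A plain write mixes the bytes into the pool but does NOT credit
        # entropy (only the RNDADDENTROPY ioctl does that), so this helps
        # the PRNG output without changing /proc/.../entropy_avail.
        cat "$SAVEDFILE" > /dev/urandom
    fi

    # Replace the seed immediately so the same bytes are never fed in
    # twice if the box crashes before the save job ever runs.
    umask 077
    dd if=/dev/urandom of="$SAVEDFILE" bs="$POOLBYTES" count=1 2>/dev/null
end script

# ---- /etc/init/urandom-save.conf (hypothetical example) ----
description "save a fresh random seed for the next boot"

# Runlevels 0 and 6 are halt and reboot, i.e. the old "stop" action.
start on runlevel [06]
task

script
    SAVEDFILE=/var/lib/urandom/random-seed
    POOLBYTES=$(( $(cat /proc/sys/kernel/random/poolsize 2>/dev/null || echo 4096) / 8 ))
    umask 077
    dd if=/dev/urandom of="$SAVEDFILE" bs="$POOLBYTES" count=1 2>/dev/null
end script

# ---- optional change to /etc/init/ssh.conf (step 4 of the procedure) ----
# Replace the existing start condition with one that also waits for the
# seeding task to finish, e.g.:
#     start on (filesystem and stopped urandom) or runlevel [2345]
# "stopped urandom" is used rather than "started urandom" because a
# task job is considered done when it stops (assumed event name).
```

Two points a practitioner should check before deploying something like this: the seed file must be created with mode 0600 (hence the umask), because anyone who can read it can reconstruct part of the pool input on the next boot; and because writes to /dev/urandom do not add entropy credit, this mechanism improves the PRNG's seeding but does not satisfy callers that block on /dev/random's entropy estimate.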