Re: Bug#912087: openssh-server: Slow startup after the upgrade to 7.9p1
From: Kurt Roeckx
Date: Tue Oct 30 2018 - 14:47:09 EST
On Tue, Oct 30, 2018 at 10:15:44AM -0400, Theodore Y. Ts'o wrote:
> On Tue, Oct 30, 2018 at 01:18:08AM +0100, Sebastian Andrzej Siewior wrote:
> > Using ioctl(/dev/urandom, RNDADDENTROPY, ) instead writting to
> > /dev/urandom would do the trick. Or using RNDADDTOENTCNT to increment
> > the entropy count after it was written. Those two are documented in
> > random(4). Or RNDRESEEDCRNG could be used to force crng to be reseeded.
> > It does also the job, too.
> >
> > Ted, is there any best practise what to do with the seed which as
> > extrected from /dev/urandom on system shutdown? Using RNDADDTOENTCNT to
> > speed up init or just write to back to urandom and issue RNDRESEEDCRNG?
>
> The reason why writing to /dev/[u]random via something like:
>
> cat /var/lib/random/seed > /dev/random
>
> Dosn't bump the the entropy counter is because it's possible that an
> attacker could read /var/lib/random/seed. Even if the seed file is
> refreshed on shutdown, (a) the attacker could have read the file while
> the system is down, or (b) the system could have crashed so the seed
> file was not refreshed and the attacker could have read the file
> before the crash.
So are you saying that the /var/lib/random/seed is untrusted, and
should never be used, and we should always wait for fresh entropy?
Anyway, I think if an attacker somehow has access to that file,
you have much more serious problems.
Kurt