----- Forwarded message from Theodore Ts'o <tytso@mit.edu> ----- Date: Thu, 17 Oct 2013 17:29:52 -0400 From: Theodore Ts'o <tytso@mit.edu> To: David Mercer <radix42@gmail.com> Cc: Cryptography Mailing List <cryptography@metzdowd.com> Subject: Re: [Cryptography] /dev/random is not robust Message-ID: <20131017212952.GC14512@thunk.org> User-Agent: Mutt/1.5.21 (2010-09-15) On Fri, Oct 18, 2013 at 03:43:08AM +0800, David Mercer wrote:
Sometime in the last two months I described the somewhat widespread issue at VM hosting/cloud providers of provisioning VM's with the same /dev/urandom seed from the image template. firstboot scripts typically only get run at image generation, and then the urandom seed is frozen in amber, as it were, in the VM image template file. It is a fairly trivial fix to re-seed it from /dev/random (one line in the right place).
Yeah, there are some people (including Dustin Kirkland at Canonical) working on automated provisioning of random seeds from the hypervisor to the guest kernels. If you are compiling your own guest kernel, and the hypervisor supports it, using virtio-rng which allows the guest to use the host OS's /dev/random to bootstrap its local entropy pool is almost certainly the Right Thing. Cheers, - Ted _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5