[Cryptography] In search of random numbers

Lodewijk andré de la porte l at odewijk.nl
Sat Oct 25 19:35:25 EDT 2014

2014-10-25 23:18 GMT+02:00 Theodore Ts'o <tytso at mit.edu>:

> On Sat, Oct 25, 2014 at 12:40:20AM +0200, Hanno Böck wrote:
> > > >
> > > > Most SSH keys are generated on first-time boot.
> > >
> > > This is dumb.
> > >
> > > This is bad design.
> >
> > Do you have a smart alternative? What should these devices do? Pre-load
> > them with a key? (I don't particularly like that idea) Tell users they
> > need to generate a key on their Desktop for their new Internet of Things
> > light switch?
> You wait until the first time someone tries to connect to the ssh
> port, and generate the ssh key in a just-in-time fashion.

How much time is considered not "first time boot"? I mean, init runs, and
that's the real first time boot thingy. Everything after is already started
with delay (and usually sequentially... talk about bad design..). How much
delay is required? Why not delay first time generation by twice that?
Doesn't /dev/random block until sufficient entropy is delivered? If not,
that's asking for trouble.

Maybe I'm missing something, but isn't this discussion at once really
involved (sshd) and really generic (entropy collection best practice)? I
rather like thinking and solving problems like these, but I'm not even sure
which is really the matter here. I thought it was about "Lol get randomness

Boottime resource starvation is inevitable, but not the application layer's
fault. So let's just focus on making /dev/*** work unbreakably, it fixes
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20141026/a2c1ab2e/attachment.html>

More information about the cryptography mailing list