[Cryptography] Security of Ubuntu RNG pollinate?
Paul Wouters
paul at cypherpunks.ca
Sat Nov 26 15:00:22 EST 2016
On Mon, 21 Nov 2016, John Gilmore wrote:
> Dustin Kirkland wrote a randomness client and server for feeding
> Ubuntu virtual machines that don't have good randomness sources, which
> is now a standard feature in Ubuntu since 14.04 Cloud instances. See:
>
> http://blog.dustinkirkland.com/2014/02/random-seeds-in-ubuntu-1404-lts-cloud.html
> https://launchpad.net/pollinate
>
> This now runs on the first boot of the virtual machine, before the
> scripts that create the machine's SSH host keys, for example. The
> idea is to improve the unpredictability of those keys. In theory this
> is a good idea.
It seems a rather weird solution. And with TLS 1.3 moving to ephemeral
keys with PFS, you need some randomness too before you can to HTTPS.
It seems that using something like haveged (man haveged) or
jitterentropy-rngd (http://www.chronox.de/jent.html) seems a simpler
solution that only relies on the host and or guest virtual hardware.
I'm not sure why Ubuntu thought these existing methods were not good
enough? I'm also worried that Ubuntu installs that generate SSH keys
are now dependant on a remote entropy server run by Ubuntu.
Paul
More information about the cryptography
mailing list