From mboxrd@z Thu Jan  1 00:00:00 1970
From: Leo Famulari <leo@famulari.name>
Subject: bug#23605: /dev/urandom not seeded across reboots
Date: Tue, 24 May 2016 13:23:29 -0400
Message-ID: <20160524172329.GA5216@jasmine>
References: <20160523175832.GA10646@jasmine> <87shx8j5qm.fsf@T420.taylan>
	<20160524161617.GC29516@jasmine>
	<CAJ=Rwfb0gqA757c5hPXtcNEaT5dOa-Rowp+sf-mQwdT+oLHP=g@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Return-path: <bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:44692)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1b5G3u-0006Hf-Bg
	for bug-guix@gnu.org; Tue, 24 May 2016 13:24:11 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1b5G3p-0000mf-4f
	for bug-guix@gnu.org; Tue, 24 May 2016 13:24:09 -0400
Received: from debbugs.gnu.org ([208.118.235.43]:52527)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1b5G3m-0000lL-91
	for bug-guix@gnu.org; Tue, 24 May 2016 13:24:05 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1b5G3m-00084u-5e
	for bug-guix@gnu.org; Tue, 24 May 2016 13:24:02 -0400
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-Message-ID: <handler.23605.B23605.146411061731017@debbugs.gnu.org>
Content-Disposition: inline
In-Reply-To: <CAJ=Rwfb0gqA757c5hPXtcNEaT5dOa-Rowp+sf-mQwdT+oLHP=g@mail.gmail.com>
List-Id: Bug reports for GNU Guix <bug-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-guix>,
	<mailto:bug-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/bug-guix/>
List-Post: <mailto:bug-guix@gnu.org>
List-Help: <mailto:bug-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-guix>,
	<mailto:bug-guix-request@gnu.org?subject=subscribe>
Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org
Sender: "bug-Guix" <bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org>
To: "Thompson, David" <dthompson2@worcester.edu>
Cc: 23605@debbugs.gnu.org

On Tue, May 24, 2016 at 12:26:29PM -0400, Thompson, David wrote:
> On Tue, May 24, 2016 at 12:16 PM, Leo Famulari <leo@famulari.name> wrote:
> > On Tue, May 24, 2016 at 09:05:21AM +0200, Taylan Ulrich Bayırlı/Kammer wrote:
> >> Leo Famulari <leo@famulari.name> writes:
> >> > Does anyone have advice about the service? Am I wrong that we need to
> >> > seed /dev/urandom to make it work properly?
> >>
> >> Yes, this is necessary under Linux if you want urandom to be random
> >> enough immediately after boot, and all the distros do it as part of
> >> their init.
> >>
> >> There's also an interesting implication here about the very first time
> >> you boot the system and don't have a urandom seed file from the last
> >> shutdown yet.  I don't know how this is typically handled, given that
> >> for instance it's quite possible that a user might generate SSH keys
> >> shortly after their first boot of a system.
> >
> > When I boot a GuixSD VM for the first time [0], it requires me to dance
> > on the keyboard until it has collected ~200 bits of entropy. I assumed
> > this is to properly bootstrap the CSPRNG in /dev/urandom, but I'm not
> > sure.
> 
> This is just an annoying feature of GNU lsh.  I want to switch my
> machines to OpenSSH sometime, partly due to this.

Well, it seems that this feature might be protecting us against using
weak SSH session keys on first boot, if it's doing what I think it's
doing...