From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Thompson, David" <dthompson2@worcester.edu>
Subject: bug#23605: /dev/urandom not seeded across reboots
Date: Tue, 24 May 2016 13:29:44 -0400
Message-ID: <CAJ=RwfaBjocoPiPztPQdxvAB_Cq_ZBydNJV1dnVEGY4FRHjp5w@mail.gmail.com>
References: <20160523175832.GA10646@jasmine> <87shx8j5qm.fsf@T420.taylan>
	<20160524161617.GC29516@jasmine>
	<CAJ=Rwfb0gqA757c5hPXtcNEaT5dOa-Rowp+sf-mQwdT+oLHP=g@mail.gmail.com>
	<20160524172329.GA5216@jasmine>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Return-path: <bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:46977)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1b5G9g-0000ak-Jg
	for bug-guix@gnu.org; Tue, 24 May 2016 13:30:09 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1b5G9b-0002iV-CO
	for bug-guix@gnu.org; Tue, 24 May 2016 13:30:07 -0400
Received: from debbugs.gnu.org ([208.118.235.43]:52533)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1b5G9b-0002hg-6s
	for bug-guix@gnu.org; Tue, 24 May 2016 13:30:03 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1b5G9a-0008DT-R5
	for bug-guix@gnu.org; Tue, 24 May 2016 13:30:02 -0400
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-Message-ID: <handler.23605.B23605.146411099131539@debbugs.gnu.org>
In-Reply-To: <20160524172329.GA5216@jasmine>
List-Id: Bug reports for GNU Guix <bug-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-guix>,
	<mailto:bug-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/bug-guix/>
List-Post: <mailto:bug-guix@gnu.org>
List-Help: <mailto:bug-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-guix>,
	<mailto:bug-guix-request@gnu.org?subject=subscribe>
Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org
Sender: "bug-Guix" <bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org>
To: Leo Famulari <leo@famulari.name>
Cc: 23605@debbugs.gnu.org

On Tue, May 24, 2016 at 1:23 PM, Leo Famulari <leo@famulari.name> wrote:
> On Tue, May 24, 2016 at 12:26:29PM -0400, Thompson, David wrote:
>> On Tue, May 24, 2016 at 12:16 PM, Leo Famulari <leo@famulari.name> wrote=
:
>> > On Tue, May 24, 2016 at 09:05:21AM +0200, Taylan Ulrich Bay=C4=B1rl=C4=
=B1/Kammer wrote:
>> >> Leo Famulari <leo@famulari.name> writes:
>> >> > Does anyone have advice about the service? Am I wrong that we need =
to
>> >> > seed /dev/urandom to make it work properly?
>> >>
>> >> Yes, this is necessary under Linux if you want urandom to be random
>> >> enough immediately after boot, and all the distros do it as part of
>> >> their init.
>> >>
>> >> There's also an interesting implication here about the very first tim=
e
>> >> you boot the system and don't have a urandom seed file from the last
>> >> shutdown yet.  I don't know how this is typically handled, given that
>> >> for instance it's quite possible that a user might generate SSH keys
>> >> shortly after their first boot of a system.
>> >
>> > When I boot a GuixSD VM for the first time [0], it requires me to danc=
e
>> > on the keyboard until it has collected ~200 bits of entropy. I assumed
>> > this is to properly bootstrap the CSPRNG in /dev/urandom, but I'm not
>> > sure.
>>
>> This is just an annoying feature of GNU lsh.  I want to switch my
>> machines to OpenSSH sometime, partly due to this.
>
> Well, it seems that this feature might be protecting us against using
> weak SSH session keys on first boot, if it's doing what I think it's
> doing...

It impedes automated provisioning of servers, which OpenSSH does not do.

- Dave