| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 25 Jul 2003 11:29:51 -0700
From: Crispin Cowan <crispin@...unix.com>
To: Kent Borg <kentborg@...g.org>
Subject: Re: ssh host key generation in Red Hat Linux
Kent Borg wrote:
>I recently installed Red Hat Linux 9 and noticed on the first boot a
>message about generating ssh host keys. Isn't that a dangerous thing
>to do on the first boot? Where is the installation going to get
>enough good entropy so early in its life?
>
>Maybe the paranoid thing to do is, as part of configuring a machine,
>to regenerate those keys once user interaction (or other entropy
>source) has had time to really stir the Linux entropy pool.
>
SSH is likely getting it's entropy from /dev/random. The kernel will
decide whether there is enough entropy in the /dev/random entropy pool,
and block reads until the pool fills.
This pool, in turn, is going to have pleanty of entropy generated by
timing jitter in disk I/O interrupts.
To experiment with this, run the command:
cat /dev/random | od -cx
It will dump for a while and then stop. Then type a key. Then move your
mouse. Wait for a cron job to start up and watch what it does. Etc. etc.
Disclaimer: there is dispute in the crypto community about the hashing
done in /dev/urandom (note the 'u') which never blocks. /dev/urandom
just recycles the entropy pool with a PRNG, and people have variable
faith in the quality of PRNG's.
Crispin
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
Chief Scientist, Immunix http://immunix.com
http://www.immunix.com/shop/
Powered by blists - more mailing lists