lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20070529200608.GF19229@vanheusden.com>
Date:	Tue, 29 May 2007 22:06:08 +0200
From:	Folkert van Heusden <folkert@...heusden.com>
To:	Pavel Machek <pavel@....cz>, Theodore Tso <tytso@....edu>,
	M Macnair <mmacnair@...il.com>, linux-kernel@...r.kernel.org
Subject: Re: Seeding /dev/random not working

> > > I have two embedded boards (one ARM, one PowerPC), running two
> > > different versions of 2.6.  They have no hard drives, keyboards or
> > > mice.  They each have a NIC, but I understand these make no
> > > contribution to the entropy pool.
> > > 	if [ -f $random_seed ]; then
> > > 		cat $random_seed >/dev/urandom  # should seed the pool
> > > 	fi
> > > 	dd if=/dev/urandom of=$random_seed count=1 2>/dev/null # save some
> > > data from urandom for next boot
> > > I have rebooted my boards many times, and after each boot I read the
> > > contents of $random_seed.  Whilst it does not happen every time, the
> > > contents of $random_seed are /often the same/.  To give you a feel:
> > > rebooted 11 times, got a total of 3 different outputs.
> > 
> > Ok, so this is telling me a couple of things.  First of all, if you're
> > only getting three outputs, it means that you don't have any
> > peripherals feeding entropy into the system from the boot sequence.
> > Without any hard drives, keyboards or mice, and a NIC whose device
> > driver hasn't been configured to feed entropy, you're definitely
> > hosed.
> 
> Can we get at least time-of-boot from rtc clock to the pool? We really
> should not be getting identical outputs...

And add readings from lm-sensors as well? I guess harddisk and cpu
temperatures (lower bits) and such are pretty random?


Folkert van Heusden

-- 
MultiTail est un flexible tool pour suivre de logfiles et execution de
commandements. Filtrer, pourvoir de couleur, merge, 'diff-view', etc.
http://www.vanheusden.com/multitail/
----------------------------------------------------------------------
Phone: +31-6-41278122, PGP-key: 1F28D8AE, www.vanheusden.com
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ