lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <fbf48030-c702-8964-7614-365bbcb4faee@bluewin.ch>
Date:   Wed, 22 Mar 2023 05:51:10 +0100
From:   Traian Teodorescu <traian.teodorescu@...ewin.ch>
To:     linux-kernel@...r.kernel.org
Subject: Fwd: Linux entropy

Hello,

I've been redirected by  the "friendly bot" to you (I've already looked 
into "kernelnewbies" but I didn't find a linked topic). I would want to 
know more about the subject below. Is there another possibility to read 
the value of current entropy in new versions of kernel ? Are the old 
services (as for instance haveged) still compatible ?

Thank you and have a nice evening,

Traian


-------- Forwarded Message --------
Subject:     Linux entropy
Date:     Tue, 21 Mar 2023 17:03:36 +0100
From:     Traian Teodorescu <traian.teodorescu@...ewin.ch>
To:     gregkh@...uxfoundation.org


Mr Kroah-Hartmann,

I've recently discovered that the value containing the machine's entropy 
(in /proc/sys/kernel/random/entropy_avail ) isn't updated anymore on one 
of my machines. I found some articles on the Internet about this change, 
but nothing very "official".

There is also an explanation at 
"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.15.y&id=e7e196e1ae2603a2c5f1894f1868a7a5b5a2c5e0" 
about keeping forward secrecy, etc, that I didn't really understood.

I began using Linux since less than 10 years and I am not what you can 
call an experienced user, but from my point of view this change doesn't 
make sense. If I understand well some basic principles, Linux kernel is 
the only one meant to be accessible to everybody wanting to understand 
deeply how a modern OS works, so what's the gain in this "obfuscation" 
?  From my point of view, a sysadmin should know how much entropy they 
have on their machines.

So, please, can you please make some comments about this change ? (of 
eventually send me a link to an article that I can trust ?)

I really enjoyed Linux a lot those years and I learned to appreciate it, 
so from this point of view I am grateful to the teams maintaining free 
software, so ... thank you !

Thanks for an eventual answer and have a nice evening,

Traian

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ