Author: Martin Steigerwald
Date:  
To: dng
Subject: Re: [DNG] Systemd depends on random numbers in order to work properly
Hendrik Boom - 09.07.19, 14:26:
> On Tue, Jul 09, 2019 at 07:07:20AM -0400, Steve Litt wrote:
> > On Tue, 09 Jul 2019 10:54:46 +0200
> >
> > Martin Steigerwald <martin@???> wrote:
> > > Martin Steigerwald - 08.07.19, 17:35:
> > > > Just another reason I am happy to use sysvinit on my systems.
> > > >
> > > > unblock: systemd/241-4
> > > > https://bugs.debian.org/929215
> > > >
> > > > Booting system should not depend on random numbers to be
> > > > available in a large enough quantity.
> > > >
> > > > Granted there is a processor bug involved… but why rely on the
> > > > random number generator of CPUs anyway?
> > >
> > > https://www.debian.org/releases/buster/amd64/release-notes/ch-information.en.html#entropy-starvation
> > The preceding article mentions using haveged, which many consider
> > insecure. So for those times when *I* use systemd, I've created a
> > superior solution...
> >
> > I loosely attach my mouse to my stationary bike in such a way that
> > the mouse's LED shines on the stationary bike's belt, building up
> > entropy. Within 10 seconds boot begins!
> >
> > I've mentioned many times that although systemd holds out the
> > promise of fast boot, it takes someone with my skills to bring
> > that fast boot to fruition.
>
> What need could there possibly be for randomness at boot time?
> What *use* could there even be, never mind need?


From what I gathered they need some basic randomness for UUID generation
for all units and for some hashmap implementation. But as far as I got,
they would not even need random values with cryptographic quality. But
when using /dev/urandom they still drain the entropy pool for more
important applications of randomness (like generating SSH keys).

--
Martin
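
Added example, not part of the original message and not systemd's own code: one way a boot-time program can obtain a seed for a non-security purpose (a hash table seed or a boot-local ID, as discussed above) without ever waiting for the kernel entropy pool. The function names `noncrypto_seed` and `weak_fill` are hypothetical; it assumes Linux with glibc's `getrandom()` wrapper.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <sys/random.h>   /* getrandom(), Linux >= 3.17 / glibc >= 2.25 */
#include <time.h>

enum seed_source { SEED_KERNEL, SEED_WEAK };

/* splitmix64 step: a fast NON-cryptographic mixer for the fallback path. */
static uint64_t splitmix64(uint64_t *s) {
    uint64_t z = (*s += 0x9E3779B97F4A7C15ULL);
    z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ULL;
    z = (z ^ (z >> 27)) * 0x94D049BB133111EBULL;
    return z ^ (z >> 31);
}

/* Expand a 64-bit state into len bytes; deterministic for a given state. */
void weak_fill(unsigned char *out, size_t len, uint64_t state) {
    for (size_t i = 0; i < len; i += 8) {
        uint64_t r = splitmix64(&state);
        memcpy(out + i, &r, len - i < 8 ? len - i : 8);
    }
}

/* Fill buf for a NON-security use (hash table seed, boot-local ID).
 * Never blocks: GRND_NONBLOCK makes getrandom() fail with EAGAIN while the
 * kernel pool is still uninitialised instead of stalling early boot. */
enum seed_source noncrypto_seed(void *buf, size_t len) {
    unsigned char *p = buf;
    size_t done = 0;
    while (done < len) {
        ssize_t n = getrandom(p + done, len - done, GRND_NONBLOCK);
        if (n > 0) done += (size_t)n;
        else if (n < 0 && errno == EINTR) continue;
        else break;              /* EAGAIN, ENOSYS, ...: use the fallback */
    }
    if (done == len) return SEED_KERNEL;

    /* Constructed fallback inputs: wall clock, CPU clock, a stack address.
     * Guessable, so never use this result for keys, tokens or nonces. */
    uint64_t state = (uint64_t)time(NULL) ^ ((uint64_t)clock() << 32)
                   ^ (uint64_t)(uintptr_t)&state;
    weak_fill(p, len, state);
    return SEED_WEAK;
}
```

The return value tells the caller which path was taken, so code that later needs key material can refuse a `SEED_WEAK` result and request fresh bytes once the pool is ready.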