:: Re: [DNG] Systemd depends on random…
Góra strony
Delete this message
Reply to this message
Autor: Hendrik Boom
Data:  
Dla: dng
Temat: Re: [DNG] Systemd depends on random numbers in order to work properly
On Tue, Jul 09, 2019 at 04:31:21PM +0200, Martin Steigerwald wrote:
> Hendrik Boom - 09.07.19, 14:26:
> > On Tue, Jul 09, 2019 at 07:07:20AM -0400, Steve Litt wrote:
> > > On Tue, 09 Jul 2019 10:54:46 +0200
> > >
> > > Martin Steigerwald <martin@???> wrote:
> > > > Martin Steigerwald - 08.07.19, 17:35:
> > > > > Just another reason I am happy to use sysvinit on my systems.
> > > > >
> > > > > unblock: systemd/241-4
> > > > > https://bugs.debian.org/929215
> > > > >
> > > > > Booting system should not depend on random numbers to be
> > > > > available
> > > > > in a large enough quantity.
> > > > >
> > > > > Granted there is a processor bug involved… but why rely on the
> > > > > random number generator of CPUs anyway?
> > > >
> > > > https://www.debian.org/releases/buster/amd64/release-notes/ch-info
> > > > rmation.en.html#entropy-starvation>
> > > The preceding article mentions using haveged, which many consider
> > > insecure. So for those times when *I* use systemd, I've created a
> > > superior solution...
> > >
> > > I loosely attach my mouse to my stationary bike in such a way that
> > > the mouse's LED shines on the stationary bike's belt, building up
> > > entropy. Within 10 seconds boot begins!
> > >
> > > I've mentioned many times that although systemd holds out the
> > > promise
> > > of fast boot, it takes someone with my skills to bring that fast
> > > boot
> > > to fruition.
> >
> > What need could there possibly be for randomness at boot time?
> > What *use* could there even be, never mind need?
>
> From what I gathered they need some basic randomness for UUID generation
> for all units and for some hashmap implementation. But as far as I got,
> they would not even need random values with cryptographic quality. But
> when using /dev/urandom they still drain the entropy pool for more
> important applications of randomness (like generating SSH keys).


So why do they need new UUID's at every boot?

-- hendrik