RNG in live systems
This is just FYI (in case you haven't seen it anyways):
There's currently a discussion going at several lists (including
pkg-sysvinit-devel)... where people discuss about early seeding of the
Some people brought up several arguments related to live systems.
Maybe you're interested and want to have a look at.
--- Begin Message ---
We have been discussing the importance of a unique random-seed
file each system. This is important even forsystems that boot
from read-only media such as CD.
To make this somewhat more practical, I have written a script
to remix a .iso image so as to add one or more last-minute files.
The leading application (but probably not the only application)
is adding random-seed files.
The script can be found at
This version is literally two orders of magnitude more
efficient than the rough pre-alpha version that I put up
yesterday ... and it solves a more general problem, insofar
as random-seed files are not the only things it can handle.
Early-boot software is outside my zone of comfort, let
alone expertise, so I reckon somebody who is friends with
Casper could make further improvements ... but at least
for now this script serves as an "existence proof" to show
a) the PRNG situation is not hopeless, even for read-only
b) it is possible to remix Live CD images automatically
and somewhat efficiently.
I think by taking two steps we can achieve a worthwhile
improvement in security:
-- each system should have its own unique random-seed
file, with contents not known to the attackers; and
-- the init.d/urandom script should seed the PRNG
using "date +%s.%N" (as well as the random-seed file).
Neither step is worth nearly as much without the other,
but the two of them together seem quite worthwhile.
Pkg-sysvinit-devel mailing list
--- End Message ---