
Re: lack of boot-time entropy on arm64 ec2 instances

On 2020-01-08 13:04:42 -0800 (-0800), Ross Vandegrift wrote:
> On Wed, Jan 08, 2020 at 08:17:13PM +0000, Luca Filipozzi wrote:
> > On Wed, Jan 08, 2020 at 02:48:13PM -0500, Noah Meyerhans wrote:
> > > We add haveged to the arm64 EC2 AMI.  This appears to work, and is
> > > something we can do today.  The debian-installer has previously used
> > > haveged to ensure reasonable entropy during installation, so there is
> > > some precedent for this.
> > 
> > Every time I propose the use of haveged to resolve entropy starvation, I
> > get reactions from crypto folks saying that it's not a valid solution.
> > They invariably suggest that passing hardware RNG through to the VM is
> > the appropriate choice.
> > 
> > The latest such reaction being from mjg59. See:
> > https://twitter.com/mjg59/status/1181423056268349441
> > https://twitter.com/LucaFilipozzi/status/1181426253636755457
> I've seen reactions like this, but never an explanation.  Has anyone
> written up the issues?  Given that "fail to boot" isn't a workable
> outcome, it'd be useful to know exactly what risks one accepts when
> using haveged.

While you're at it, defining "fail to boot" would be nice. Just
because sshd won't start, it doesn't necessarily mean the machine
isn't "booted" in some sense, only that maybe you can't log into it
(substitute httpd and inability to browse the Web sites served from
it, or whatever you prefer).
Jeremy Stanley
