
Re: lack of boot-time entropy on arm64 ec2 instances



On Thu, Jan 09, 2020 at 12:41:28AM +0000, Luca Filipozzi wrote:
> On Wed, Jan 08, 2020 at 04:29:35PM -0500, Noah Meyerhans wrote:
> > If the kernel team is supportive of the
> > EFI_RNG+CONFIG_RANDOM_TRUST_BOOTLOADER approach, would folks be in
> > favor of enabling haveged temporarily, until kernel support is
> > available, or is it better to avoid it completely?
> 
> I prefer passing through hrng but would find haveged acceptable. Other
> distros ship with haveged enabled for the same reason as we are debating
> here.

That said, the concern is the quality of the entropy since it will be
used for the generation of long-lived ssh host keys.

I use terraform to instantiate instances and I precompute ssh host
keys (RSA only but I could do the others, I suppose) and install them
with cloud-init. I did this primarily so that I could generate a
known_hosts file that contains the public keys of the instances and
thereby avoid ssh unknown host warnings. I suppose there's this added
benefit that the quality of the ssh host key is not in question since
it's using the entropy of my management machine (where I'm not using
haveged).

(It's not like RNG quality is a new problem... why didn't
virtualization approaches include host-to-guest RNG passthrough from the
beginning?)

-- 
Luca Filipozzi
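
The workflow described in this message, sketched as an added example that is not part of the original post or the poster's actual setup: the RSA host key is generated on the management machine, emitted as cloud-init user-data, and turned into a known_hosts entry. Function names, paths and host names are hypothetical; `ssh_keys`, `rsa_private` and `rsa_public` are cloud-init's own keys for supplying host keys.

```shell
#!/bin/sh
# Added example (hypothetical helper names). Run on the management machine,
# so the key is generated from that machine's entropy, not the guest's.
#
# Usage: make_host_key ./keys/web1 web1.example.org
#        emit_cloud_config ./keys/web1 > web1-user-data.yaml
#        known_hosts_line web1.example.org ./keys/web1 >> known_hosts

# Generate an unencrypted RSA host key pair.
# $1 = output directory, $2 = host name, $3 = key size in bits (default 4096)
make_host_key() {
    mkdir -p "$1" && chmod 700 "$1" || return 1
    ssh-keygen -q -t rsa -b "${3:-4096}" -N '' -C "root@$2" \
        -f "$1/ssh_host_rsa_key"
}

# Print cloud-init user-data that installs the precomputed key pair.
# $1 = directory holding ssh_host_rsa_key and ssh_host_rsa_key.pub
emit_cloud_config() {
    printf '#cloud-config\n'
    printf 'ssh_keys:\n'
    printf '  rsa_private: |\n'
    # Indent the PEM body so it forms a YAML block scalar.
    sed 's/^/    /' "$1/ssh_host_rsa_key"
    printf '  rsa_public: %s\n' "$(cat "$1/ssh_host_rsa_key.pub")"
}

# Print a known_hosts line (host, key type, base64 key) for the instance.
# $1 = host name as it will be used with ssh, $2 = key directory
known_hosts_line() {
    awk -v h="$1" '{ print h, $1, $2 }' "$2/ssh_host_rsa_key.pub"
}
```

EC2 user-data is readable by any process on the instance through the metadata service, so a private key delivered this way is exposed to everything running there.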

