[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Handling of entropy during boot

On Thu, 10 Jan 2019, Michael Biebl wrote:
> > ACK, we also had to do the same in Grml[.org] and our latest release
> > (2018.12). Now we automatically enable haveged when users boot using
> > the ssh boot option (which is something Grml specific, taking care
> > of setting user password and invoking the ssh service).
> And this is a perfect example why crediting the seed file (#914297) is
> not a solution to this problem.

While I still think this case should be handled by documentation, let's 
try to find a way forward that we can agree upon.

I think the absolute minimum we need something that prints a big fat 
warning during boot if the RNG is not yet initialized, points out that 
further services may block and that the admin should add entropy sources 
like virtio-rng or rdrand. The time when this warning should be printed 
should probably be before network is started, because if the admin has 
configured vpn services in /etc/network/interfaces, those will already 
block because of lack of entropy.

A second thing we need is a service that finishes when the RNG is 
initialized and that has a suitable large timeout for starting (maybe one 
day?). Services that need randomness can then depend on that service and 
don't need to set their own timeout to huge values. Also it is a lot 
easier to see what's wrong if the "wait for RNG" service is blocking than 
if some random network service is blocking.

More things should be done but maybe we can figure those out while we 
implement the above two things. Can we agree on this?

Now, in which packages should those services be shipped? Should they be 
part of the individual init system packages or into some central package 
like initscripts? Any opinions?

Reply to: