
Re: fix for no ssh



On 2019-07-08, Andy Smith <andy@strugglers.net> wrote:
> Hello,
>
> On Mon, Jul 08, 2019 at 04:18:28PM -0000, Curt wrote:
>> Well, looking at Ted Ts'o's short patch, where he mentions the security
>> implications of the thing at some length, *twice*
>
> I think that some of Ted's stance might not be because Ted thinks it
> is dangerous but because there has been in the past very vocal
> opposition to any use of RDRAND, given that it is part of the
> unauditable innards of the CPU.
>

I'm incapable of deriving telepathically the cognitive ruminations of
Mr. Ts'o and lack the expertise to second-guess a kernel hacker of his
stature. I've quoted primarily and principally from the workaround patch
written by Ts'o that Debian will be applying by default in Buster to all
x86 CPUs containing the RDRAND instruction, in which he expresses his
serious caveats concerning its application. I think these reserves are
relevant and pertinent to the patch itself and should be revealed to the
user, whom we cannot assume or expect to follow the technical
discussions of the development team, in the release-notes for Buster.

