From owner-freebsd-security@FreeBSD.ORG Thu Sep 6 18:25:40 2012 Return-Path: Delivered-To: freebsd-security@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C3E1F106566B; Thu, 6 Sep 2012 18:25:40 +0000 (UTC) (envelope-from des@des.no) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id 810268FC0C; Thu, 6 Sep 2012 18:25:40 +0000 (UTC) Received: from ds4.des.no (smtp.des.no [194.63.250.102]) by smtp.des.no (Postfix) with ESMTP id B5794638E; Thu, 6 Sep 2012 20:25:39 +0200 (CEST) Received: by ds4.des.no (Postfix, from userid 1001) id 84727826F; Thu, 6 Sep 2012 20:25:39 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: obrien@freebsd.org References: <201208221843.q7MIhLU4077951@svn.freebsd.org> <5043DBAF.40506@FreeBSD.org> <86y5kpcqc4.fsf@ds4.des.no> <20120906175747.GC13179@dragon.NUXI.org> Date: Thu, 06 Sep 2012 20:25:39 +0200 In-Reply-To: <20120906175747.GC13179@dragon.NUXI.org> (David O'Brien's message of "Thu, 6 Sep 2012 10:57:47 -0700") Message-ID: <86y5knovoc.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.4 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: Arthur Mesh , freebsd-security@FreeBSD.org, Doug Barton , freebsd-rc@FreeBSD.org, Mark Murray Subject: Re: svn commit: r239569 - head/etc/rc.d X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Sep 2012 18:25:40 -0000 David O'Brien writes: > Dag-Erling Smrgrav writes: > > Speaking of rc.d and entropy, is the following code in /etc/rc.d/sshd > > really necessary? > > seeded=3D`sysctl -n kern.random.sys.seeded 2>/dev/null` > > if [ "x${seeded}" !=3D "x" ] && [ ${seeded} -eq 0 ] ; then > > warn "Setting entropy source to blocking mode." > [...] > Likely this is inspired by 3.2 'How Compromises are Exploited', > 'Compromise of High-Value Keys Generated From Compromised Key' paragraph. > > If the key that is being generated is vary valuable, the harm to the > system owner can be very large. These are host keys. I'd say they're moderately valuable - depending on the machine and your point of view, they may be more or less valuable than user keys - but they are usually generated under controlled circumstances, rather than circumstances in which an attacker may be able to influence the PRNG. > Now that we have 'postrandom' possibly we should utilize the > ${entropy_file} (and call postrandom again). > > Certainly [re]seeding with 'sysctl -a' and 'date' is poor and should be > changed. Well, currently it's a no-op since kern.random.sys.seeded is never 0 at that point, if I understand correctly. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no