From: Dirk-Willem van Gulik
Subject: seeding randomness in zee cloud
Date: Fri, 31 May 2013 12:01:02 +0200
To: freebsd-hackers@freebsd.org
Message-Id: <0BF6FBDD-47E8-44F1-BA71-A355EDCDEDB6@webweaving.org>

Thanks to a badly-written mngt script - we've recently noticed a freshly generated ssh-key on a new AWS instance to be identical to one seen a few months prior.

Careful analysis of some other logs showed that we've had similar clashes on another script just after startup generating a very short x509 CSR.

It happens quite rarely though. But still.

I am surmising that perhaps the (micro-T) images do not have that much entropy on startup.

So I am wondering how to best make our images 'more random' -- and want to avoid the linux/openstack suggestion[1] of doing this through the boot-params [2] (as in our case it is the operator of the machine we're protecting/guarding against accusations/temptations).

Now we happen to have very easy access to blocks of 1024 bits of randomness from a remote server in already nicely PKI signed packages (as it is needed later for something else).

Is it safe to simply *add* those with:

    set -e
    # fetch randomness & check signature
    # .. snipped...
    # Seed Software random generator
    #
    cat rnd > /dev/random
    # Activate software random generator as an additional source
    sysctl kern.random.sys.harvest.swi=1

Or does this cause a loss/reset of all entropy gathered by the hardware so far? Or is there a cleaner way to add an additional seed as a one-off while disturbing as little as possible (in the few seconds just after the network is brought up).

Thanks,

Dw.

FWIW: this is the output of sysctl kern.random.

    kern.random.yarrow.gengateinterval: 10
    kern.random.yarrow.bins: 10
    kern.random.yarrow.fastthresh: 192
    kern.random.yarrow.slowthresh: 256
    kern.random.yarrow.slowoverthresh: 2
    kern.random.sys.seeded: 1
    kern.random.sys.harvest.ethernet: 1
    kern.random.sys.harvest.point_to_point: 1
    kern.random.sys.harvest.interrupt: 1
    kern.random.sys.harvest.swi: 0

1: http://blog.dustinkirkland.com/2012/10/entropy-or-lack-thereof-in-openstack.html
2: https://review.openstack.org/#/c/14550/
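
The "check signature, then seed" step that the shell fragment in the message above snips out, written as a fail-closed function. This is an added example, not part of the original message. It assumes a detached signature checked with `openssl dgst -verify`; the file names `rnd.sig` and `seed-pub.pem` and the `RANDOM_DEV` override are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original message): verify a signed 1024-bit seed
# and only then write it to the random device.
# Assumed: detached signature over the raw blob, signer's public key in PEM.

SEED_BYTES=128                           # 1024 bits, the block size named in the message
RANDOM_DEV="${RANDOM_DEV:-/dev/random}"  # hypothetical override, lets the logic be exercised safely

seed_from_signed_blob() {
    blob=$1; sig=$2; pubkey=$3

    # Reject truncated or padded blobs before looking at the signature.
    size=$(wc -c < "$blob" | tr -d ' ') || return 1
    if [ "$size" -ne "$SEED_BYTES" ]; then
        echo "seed: unexpected size $size" >&2
        return 1
    fi

    # Fail closed: a bad signature, a missing key or a missing openssl binary
    # all end here, and nothing is written to the device.
    if ! openssl dgst -sha256 -verify "$pubkey" -signature "$sig" "$blob" \
            >/dev/null 2>&1; then
        echo "seed: signature check failed" >&2
        return 1
    fi

    # Same write as in the message: cat rnd > /dev/random
    cat "$blob" > "$RANDOM_DEV" || return 1

    # A signature proves origin, not secrecy: the blob is a one-off input,
    # so it is not left on disk after use.
    rm -f "$blob"
}

# Typical call order, followed by the sysctl from the message:
#   seed_from_signed_blob rnd rnd.sig seed-pub.pem &&
#       sysctl kern.random.sys.harvest.swi=1
```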