Hi. I was just looking at the loop-aes patch for util-linux-ng and realized that swapon uses /dev/urandom to make a random key for encrypted swap (it also uses a SHA-512 of old swap data). When swap is activated during boot there hasn't been much to seed the kernel entropy pool, so /dev/urandom is a bit predictable. I have some ideas on making this better:
BLFS-bootscripts have S25random reseeding /dev/random fairly late. Ideally it should go in after udev, and before swap, and perhaps load other boot scripts before activating swap. If an rngd is added to the random boot script, then loop-aes's swapon.c can use /dev/random instead of urandom. The old random-seed should get dumped after rngd is started, not before, to allow rngd to fill the watermark before random-seed stirs the pool. If rngd is installed and works, then the loop-aes patch can be modified to use /dev/random exclusively (no hash of old swap), and cause swapon to abort otherwise (it currently does not exit if /dev/urandom doesn't exist, just gives a warning). Also, I think we talked about adding loop-aes to hlfs a long time ago, and it was voted against because its a physical security thing... but with swap it's not. If someone has read access to the swap device (someone in the 'disc' group), they could find sensitive information. GnuPG can be configured not to use swap, but GnuPG is not the only package that handles passwords or private files. Can we vote again? Alternatively, the swap device could be configured in udev to have no permissions (ugo-rwx) and owned by 'swap'... or both encrypted swap and no permissions on the device (I like this idea best). robert
pgpdLqeNEuXEK.pgp
Description: PGP signature
-- http://linuxfromscratch.org/mailman/listinfo/hlfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
