FS#34580 - [rng-tools] Default configuration of rng-tools adds no real entropy to /dev/random

Attached to Project: Community Packages
Opened by blahblah (blahblah) - Wednesday, 03 April 2013, 00:08 GMT
Last edited by Massimiliano Torromeo (mtorromeo) - Monday, 02 March 2015, 18:20 GMT
Task Type Bug Report
Category Packages
Status Closed
Assigned To Massimiliano Torromeo (mtorromeo)
Architecture All
Severity Medium
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 3
Private No

Details

Description:

The default configuration of rng-tools version 4-1 (https://www.archlinux.org/packages/community/i686/rng-tools/) changes the semantics of the Linux /dev/random device through the default configuration. The default rngd.conf adds useless entropy from /dev/urandom (which is entirely generated from the contents of the /dev/random pool itself). I presume this is to prevent blocking of /dev/random.

The default configuration (https://projects.archlinux.org/svntogit/community.git/plain/trunk/rngd.conf?h=packages/rng-tools) follows:

RNGD_OPTS="-o /dev/random -r /dev/urandom"

Many applications which require high quality entropy use /dev/random, and tricking the kernel into believing that high quality entropy is being added is a potential security issue.

/dev/random intentionally blocks when no entropy is available, and /dev/random should only be fed with high quality entropy. The default configuration of rngd should not feed useless data to /dev/random.

Additional info:
* rng-tools version 4-1, rngd.conf configuration file


Steps to reproduce:
This task depends upon
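As an added illustration, not code from the reporter, the maintainer or the rng-tools project: a small POSIX shell audit that reads an rngd.conf line like the one quoted above and reports whether the source rngd is told to credit into the kernel pool (`-r`/`--rng-device`) is the kernel's own `/dev/random` or `/dev/urandom`, i.e. the self-feeding setup the report describes. `-o`/`--random-device` and `-r`/`--rng-device` are rngd's real options; the function names, the verdict strings and the two sample configuration files are constructed for this example, and `/dev/hwrng` as the corrected source assumes a hardware RNG is actually present.

```shell
#!/bin/sh
# Added example (hypothetical helper, not part of rng-tools): classify the
# entropy source an RNGD_OPTS string hands to rngd's -r/--rng-device option.
#
# Verdicts printed on stdout:
#   self-fed  source is /dev/random or /dev/urandom, so the pool is credited
#             with bits derived from its own output (the issue reported here)
#   hwrng     any other device path (e.g. /dev/hwrng, a TPM or a USB TRNG)
#   default   no -r given; rngd then falls back to its compiled-in source
set -eu

rngd_source_class() {
    src=""
    # Word-split exactly as the init script does when it expands $RNGD_OPTS.
    set -- $1
    while [ $# -gt 0 ]; do
        case $1 in
            -r|--rng-device)      # separate argument form: -r /dev/hwrng
                shift
                src=${1:-}
                ;;
            --rng-device=*)       # long form with '='
                src=${1#--rng-device=}
                ;;
            -r?*)                 # attached short form: -r/dev/hwrng
                src=${1#-r}
                ;;
        esac
        if [ $# -gt 0 ]; then shift; fi
    done
    case $src in
        "")                        echo default ;;
        /dev/random|/dev/urandom)  echo self-fed ;;
        *)                         echo hwrng ;;
    esac
}

# Read RNGD_OPTS from an rngd.conf-style file (KEY="value" lines, # comments)
# and classify it. As in the shell, the last assignment wins.
rngd_conf_class() {
    opts=""
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            RNGD_OPTS=*)
                opts=${line#RNGD_OPTS=}
                # strip one layer of surrounding double or single quotes
                opts=${opts#\"}; opts=${opts%\"}
                opts=${opts#\'}; opts=${opts%\'}
                ;;
        esac
    done < "$1"
    rngd_source_class "$opts"
}

# Constructed sample configurations: the packaged default and a corrected one.
tmpdir=$(mktemp -d)
printf '# Arch default at the time of this report\nRNGD_OPTS="-o /dev/random -r /dev/urandom"\n' \
    > "$tmpdir/rngd.conf.default"
printf '# corrected: credit only a hardware RNG\nRNGD_OPTS="-o /dev/random -r /dev/hwrng"\n' \
    > "$tmpdir/rngd.conf.fixed"
for f in "$tmpdir"/rngd.conf.*; do
    printf '%s: %s\n' "$f" "$(rngd_conf_class "$f")"
done
rm -rf "$tmpdir"
```

Run it as-is to see the two verdicts, or call `rngd_conf_class /etc/conf.d/rngd` (or wherever the distribution keeps the file) against a live system. A `self-fed` verdict means the kernel's entropy estimate is being raised without any new entropy entering the pool; with a hardware source, `rngd` performs FIPS 140-2 sanity tests on the input before crediting it, which is the case it was written for. Note that on Linux 5.6 and later `/dev/random` no longer blocks once the pool has been initialised, so the blocking behaviour discussed in this report applies to the kernels of its time.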

Closed by Massimiliano Torromeo (mtorromeo)
Monday, 02 March 2015, 18:20 GMT
Reason for closing: Fixed
Additional comments about closing: rng-tools-5-2
Comment by Massimiliano Torromeo (mtorromeo) - Friday, 05 April 2013, 08:47 GMT
Then I don't see your point in using rng-tools to feed /dev/random.
And if you have a real entropy device just change the configuration.
Comment by blahblah (blahblah) - Friday, 05 April 2013, 10:56 GMT
The installation of any package should not leave a system in a less secure state than before the installation. The default configuration of rng-tools does so.
Comment by Massimiliano Torromeo (mtorromeo) - Friday, 05 April 2013, 12:07 GMT
This package is not a dependency of any other package.
It also needs to be explicitly installed AND started/enabled so after installation the system is not any less secure.

By analogy one should deduce that openssh should not exist because if you install it you have a daemon on your system that provides shell access (if you start it) and so the system is less secure than before installation?

You are obviously responsible to configure every service you decide to install and enable on your system.

Other than that, I am not strongly against changing the default configuration of rngd but I don't see the point and on the majority of systems there is no hardware entropy generation module, so at least this configuration always works.
Comment by blahblah (blahblah) - Friday, 05 April 2013, 12:17 GMT
I only noticed the issue since rng-tools was installed by default on the EC2 images on http://www.uplinklabs.net/projects/arch-linux-on-ec2/.

The default configuration certainly always works, but the problem is that it breaks the established behavior of /dev/random.
Comment by Massimiliano Torromeo (mtorromeo) - Friday, 05 April 2013, 12:19 GMT
That is the whole point of rngd. I would direct your doubts to the administrator/creator of the EC2 images you are referring to. rng-tools is totally optional and not required by any other software so I don't know why it was installed by default.

I am closing this as "not a bug".
Comment by Timothée Ravier (Siosm) - Monday, 02 March 2015, 17:04 GMT
• Field changed: Percent Complete (100% → 0%)
rng-tools is designed to work with "trusted" random input sources such as hardware RNGs. So failure when no such devices are found is expected and valid behavior. This default configuration is never valid because this usage is never valid, and one should use another pseudo random number generator explicitly designed for this purpose instead (haveged for example, even though it may not be perfect). Suggesting an invalid configuration to the user as a default is not OK. See also FS#43211.
