rngd (part of the rng-tools package) should be enabled by default.
- Name: Jeff Garzik
- Email: firstname.lastname@example.org
- Targeted release: Fedora 18
- Last updated: 2012-08-06
- Percentage of completion: 95%
Linux generally relies on extracting entropy from noise in the compute environment for users of random numbers. However, in several critical compute environments entropic noise is notoriously scarce: servers, embedded systems, and virtual machines.
Some platforms provide a hardware random number generator, or they have a Trusted Platform Module (TPM); in particular KVM provides the rng-virtio interface to guests. Furthermore, rngd can make direct use of an architectural random number generator (currently it supports the x86 RDRAND instruction available in newer Intel processors.)
Lack of entropy is both a performance and a security problem. In the worst case it can result in duplicate key generations, as was recently discovered on Linux systems in the field.
There has been a number of functionality problems with rngd in the past, however, these should hopefully be eliminated in the just released version 4. Furthermore, if there are functionality problems remaining they should be reported upstream so they can be fixed, rather than leaving the daemon disabled with all the security hazards that entail.
- rngd should be turned on by default. - rngd should be started as early as possible.
Note that when using TPM, rngd currently conflicts with tcsd from TrouSerS. The solution to that is a kernel module which is probably going to be merged upstream in the 3.7 kernel, as it unfortunately missed the 3.6 merge window; however, it is a small patchset and it can be trivially backported. It should be in James Morris' linux-security git tree shortly; otherwise search for Kent Yoder on LKML.
Benefit to Fedora
Kernel random number generator has plenty of entropy on servers, virtual machines and other platforms.
- Update rng-tools to version 4 (done).
- Get rng-tools added to core list of packages.
How To Test
Run random-intensive tests such as certificate / key generation.
Invisible, or, better kernel random entropy.
See above extended description.
Additional entropy is available for kernel random number generator users, particular for setups with low entropy such as servers or virtual machines.