[Openswan Users] /dev/random question

Kim Phillips kim.phillips at freescale.com
Wed Nov 23 11:23:47 CET 2005


On Wed, 23 Nov 2005 17:50:31 +0100 (CET)
Paul Wouters <paul at xelerance.com> wrote:

> On Wed, 23 Nov 2005, Nick wrote:
> 
> > I tried doing the "ipsec newhostkey" on a machine of mine, and after 30+
> > minutes it still wasn't finished.
> >
> > So I told it to use /dev/urandom instead of /dev/random, and it was
> > finished in a few seconds.
> 
> Yes, but you should not do that, since the /dev/urandom random is not
> as strong as the /dev/random.

rng-tools-2 will fill /dev/random with entropy, and do a FIPS (true randomness) check for you.

You can find it here:  http://sourceforge.net/projects/gkernel/

If you don't have a hw rng (see linux/Documentation/hw_random.txt), you can do something like:

rngd --rng-device=/dev/urandom  #if you had a hw rng, you'd use /dev/hwrandom

and be um, "much stronger off" than with /dev/urandom.

Ideally, one would find a true source of entropy, like an ethernet controller's interruption rate.  There is a flag you can set in the ethernet driver's request_irq() call.  Add '| SA_SAMPLE_RANDOM' to the 3rd parameter in the call, recompile the kernel, run, and /dev/random should have its lights on _and_ be home :-)

> 
> > From what I understand /dev/random can take an extremely long time if it

btw, I think it blocks indefinitely if /proc/sys/kernel/random/entropy_avail is 0.

> > is a headless box with no hard drive (just a small flash card), which is
> > all you really need for a VPN router.
> 
> One way to bypass this is to generate the host key on another machine.
> 
> > Anyway I am wondering if this is going to cause a problem with the normal
> > operation of openswan.  I don't know if it uses /dev/random in normal
> > operation, other than generating keys/certs.
> 
> No, for all other uses, /dev/urandom is used, since it is strong enough for
> session keys that last an hour. Your RSA key that you generate with the
> newhostkey command though might be active for years, and should not be using
> a weaker form of random. If hardware random support is detected, that is
> used instead. (eg when using a VIA C3 with PadLock)
> 
> > I really would like to use /dev/random, but it's not just a problem of
> > waiting (possibly several hours) once.  This is actually a little distro
> > that I use for a fair amount of people/customers so I can't effectively
> > have them all wait some extremely long (and unknown) time for the
> > keys/certs to generate.  I wish there was a way to speed this up without
> > using /dev/urandom, but I don't know how.  It looks like the new intel
> > motherboards (which is what we are using, all new p4/celeron based
> > systems) don't have the onboard random number generator.  And I don't want
> > to buy a hardware card just for this.
> 
> Give your customers the box with a pre-calculated key, or write some application
> that they can run on their machine to generate the key and upload to your
> appliance.
> 
> Paul
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
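
The thread notes that a /dev/random read blocks while /proc/sys/kernel/random/entropy_avail is 0. As an added example (not part of the original thread and not Openswan code), this pre-flight check polls that estimate and refuses to start a key-generation command if the pool has not reached a threshold within a timeout. The function names, the 128-bit threshold and the 60-second timeout are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example. Function names and thresholds are assumptions, not Openswan's.
ENTROPY_FILE="${ENTROPY_FILE:-/proc/sys/kernel/random/entropy_avail}"

# Print the kernel's entropy estimate in bits; return 2 if it is unreadable
# or not a plain number.
entropy_bits() {
    bits=$(cat "$ENTROPY_FILE" 2>/dev/null) || return 2
    case "$bits" in
        ''|*[!0-9]*) return 2 ;;
    esac
    printf '%s\n' "$bits"
}

# wait_for_entropy MIN_BITS TIMEOUT_SECONDS
# Poll once per second. Returns 0 when the estimate reaches MIN_BITS,
# 1 on timeout, 2 if the estimate cannot be read.
wait_for_entropy() {
    min=$1
    remaining=$2
    while :; do
        bits=$(entropy_bits) || return 2
        [ "$bits" -ge "$min" ] && return 0
        [ "$remaining" -le 0 ] && return 1
        sleep 1
        remaining=$((remaining - 1))
    done
}

# guarded_keygen MIN_BITS TIMEOUT_SECONDS COMMAND [ARGS...]
# Run COMMAND only if the pool has reached MIN_BITS, so a provisioning
# script reports a starved pool up front rather than hanging silently.
guarded_keygen() {
    need=$1
    limit=$2
    shift 2
    status=0
    wait_for_entropy "$need" "$limit" || status=$?
    case $status in
        0) "$@" ;;
        1) echo "entropy below $need bits after ${limit}s, not running: $*" >&2
           return 1 ;;
        *) echo "cannot read entropy estimate from $ENTROPY_FILE" >&2
           return 2 ;;
    esac
}

# Typical use on the appliance (128 bits and 60 s are example values):
#   guarded_keygen 128 60 ipsec newhostkey --output /etc/ipsec.secrets
```

The check is a snapshot taken before the command starts; a long key generation can still drain the pool and block partway through, so it reports a starved box early but does not bound the total run time.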

