On Tue, 29 Oct 2013 at 13:09:08 +0100, Milan Kral wrote:
> The problem is that in /etc/rcS.d the scripts S07cryptdisks-early,
> S09cryptdisks are run before S13urandom. We are trying to read from
> /dev/urandom before the Linux random number generator is properly
> seeded. This can lead to predictable encryption key for the swap
> partition.
That's problematic, indeed. For the record, the situation doesn't seem to be better with systemd:

Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
Sep 16 18:35:40 debian kernel: random: udevadm: uninitialized urandom read (16 bytes read, 1 bits of entropy available)
[…]
Sep 16 18:35:40 debian systemd[1]: Found device /dev/vda1.
Sep 16 18:35:40 debian systemd[1]: Starting Cryptography Setup for swap...
Sep 16 18:35:41 debian kernel: device-mapper: uevent: version 1.0.3
Sep 16 18:35:41 debian systemd-cryptsetup[518]: Set cipher aes, mode xts-plain64, key size 256 bits for device /dev/vda1.
Sep 16 18:35:41 debian mkswap[576]: Setting up swapspace version 1, size = 64 MiB (67072000 bytes)
Sep 16 18:35:41 debian mkswap[576]: no label, UUID=eca1d0f8-e1da-4ed6-867c-86c4bfca92f5
Sep 16 18:35:41 debian systemd[1]: Started Cryptography Setup for swap.
Sep 16 18:35:41 debian systemd[1]: Reached target Encrypted Volumes.
Sep 16 18:35:41 debian systemd[1]: Found device /dev/mapper/swap.
Sep 16 18:35:41 debian systemd[1]: Activating swap /dev/mapper/swap...
Sep 16 18:35:41 debian systemd[1]: Activated swap /dev/mapper/swap.
Sep 16 18:35:41 debian systemd[1]: Reached target Swap.
Sep 16 18:35:41 debian kernel: Adding 65500k swap on /dev/mapper/swap. Priority:-1 extents:1 across:65500k FS
[…]
Sep 16 18:35:44 debian login[662]: ROOT LOGIN on '/dev/tty1'
Sep 16 18:35:48 debian kernel: random: nonblocking pool is initialized

(Note the "random: nonblocking pool is initialized" at the very end, long after initializing swap, even after login.)

-- 
Guilhem.
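The failure mode in this thread is a key read from /dev/urandom before the kernel reports "nonblocking pool is initialized". The example below is added here and is not code from the thread, from cryptsetup or from Debian's init scripts: it shows the check a practitioner would want before generating a random swap key, using getrandom(2) rather than a read() on /dev/urandom. With flags=0, getrandom() blocks until the kernel CRNG is seeded, so it can never return bytes from the unseeded state the "uninitialized urandom read" messages above warn about; with GRND_NONBLOCK it fails with EAGAIN instead, which makes the seeded/unseeded state observable. It assumes Linux 3.17 or later (where getrandom was introduced) and glibc 2.25 or later (which exposes it in <sys/random.h>); the function names rng_is_initialized, rng_key_fill and rng_keys_differ are my own. The kernels in the log above predate getrandom, which is exactly why the init ordering mattered there.

```c
/* Added example, not from the Debian thread: read a 256-bit swap key from
 * the kernel CRNG only once it is seeded. Assumes Linux >= 3.17 and
 * glibc >= 2.25 for getrandom(2) in <sys/random.h>. */
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/random.h>

/* Returns 1 if the kernel CRNG is initialized, 0 if it is not yet seeded,
 * -1 on any other error. GRND_NONBLOCK makes getrandom() fail with EAGAIN
 * instead of blocking while the pool is uninitialized, which is the state
 * the "uninitialized urandom read" kernel messages are warning about. */
int rng_is_initialized(void)
{
    unsigned char probe;
    ssize_t n = getrandom(&probe, sizeof probe, GRND_NONBLOCK);
    if (n == (ssize_t)sizeof probe)
        return 1;
    if (n < 0 && errno == EAGAIN)
        return 0;
    return -1;
}

/* Fill key[0..len) from the kernel CRNG, blocking until it is seeded.
 * Returns the number of bytes written (== len) or -1 on error. Unlike a
 * read() on /dev/urandom on older kernels, getrandom() with flags=0 never
 * hands out bytes before the pool is initialized. */
ssize_t rng_key_fill(unsigned char *key, size_t len)
{
    size_t got = 0;
    while (got < len) {
        ssize_t n = getrandom(key + got, len - got, 0);
        if (n < 0) {
            if (errno == EINTR)
                continue;          /* interrupted by a signal: retry */
            return -1;
        }
        got += (size_t)n;
    }
    return (ssize_t)got;
}

/* Sanity check: two consecutive 32-byte keys must both be produced in full
 * and must differ. Returns 1 on success, 0 otherwise. */
int rng_keys_differ(void)
{
    unsigned char a[32], b[32];
    if (rng_key_fill(a, sizeof a) != (ssize_t)sizeof a)
        return 0;
    if (rng_key_fill(b, sizeof b) != (ssize_t)sizeof b)
        return 0;
    return memcmp(a, b, sizeof a) != 0;
}

int main(void)
{
    /* 256-bit key, matching the aes xts-plain64 / 256-bit setup in the log. */
    unsigned char key[32];

    if (rng_is_initialized() == 0)
        fprintf(stderr, "kernel RNG not yet seeded; waiting for it\n");

    if (rng_key_fill(key, sizeof key) != (ssize_t)sizeof key) {
        perror("getrandom");
        return 1;
    }

    /* A real script would hand the key to cryptsetup via --key-file on a
     * tmpfs path or a pipe; here it is printed as hex for illustration. */
    for (size_t i = 0; i < sizeof key; i++)
        printf("%02x", key[i]);
    putchar('\n');
    return 0;
}
```

On a booted system rng_is_initialized() returns 1 almost immediately; the interesting case is running this from an early boot unit, where it returns 0 and rng_key_fill() then blocks rather than producing a key from an unseeded pool. The caveat is that blocking is only a fix if something (a hardware RNG, a saved seed, or enough device activity) eventually seeds the pool; on a headless VM with nothing else running, the wait can be long.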