I've performed some testing on Trusty's pollen package, and everything
looks good!
ubuntu@ip-172-30-0-237:~⟫ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 14.04.4 LTS
Release: 14.04
Codename: trusty
ubuntu@ip-172-30-0-237:~⟫ dpkg -l pollen
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version
Architecture Description
+++-===========================================================-==================================-==================================-============================================================================================================================
ii pollen
4.21-0ubuntu1~14.04 amd64
Entropy-as-a-Service web server
ubuntu@ip-172-30-0-237:~⟫ sudo apt install pollen
sudo: unable to resolve host ip-172-30-0-237
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
ent rng-tools
The following NEW packages will be installed:
ent pollen rng-tools
0 upgraded, 3 newly installed, 0 to remove and 0 not upgraded.
Need to get 1,338 kB of archives.
After this operation, 7,554 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu/ trusty/universe ent amd64
1.1debian-3 [13.9 kB]
Get:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu/ trusty-proposed/universe
pollen amd64 4.21-0ubuntu1~14.04 [1,302 kB]
Get:3 http://us-east-1.ec2.archive.ubuntu.com/ubuntu/ trusty-updates/universe
rng-tools amd64 4-0ubuntu2.1 [21.8 kB]
Fetched 1,338 kB in 0s (8,036 kB/s)
Selecting previously unselected package ent.
(Reading database ... 76900 files and directories currently installed.)
Preparing to unpack .../ent_1.1debian-3_amd64.deb ...
Unpacking ent (1.1debian-3) ...
Selecting previously unselected package pollen.
Preparing to unpack .../pollen_4.21-0ubuntu1~14.04_amd64.deb ...
Unpacking pollen (4.21-0ubuntu1~14.04) ...
Selecting previously unselected package rng-tools.
Preparing to unpack .../rng-tools_4-0ubuntu2.1_amd64.deb ...
Unpacking rng-tools (4-0ubuntu2.1) ...
Processing triggers for man-db (2.6.7.1-1ubuntu1) ...
Processing triggers for ureadahead (0.100.0-16) ...
Setting up ent (1.1debian-3) ...
Setting up pollen (4.21-0ubuntu1~14.04) ...
Generating a 4096 bit RSA private key
..........................................................++
..............................................++
writing new private key to '/etc/pollen/key.pem'
-----
pollen-restart start/running, process 4124
pollen start/running, process 4170
Setting up rng-tools (4-0ubuntu2.1) ...
Trying to create /dev/hwrng device inode...
Starting Hardware RNG entropy gatherer daemon: rngd.
Processing triggers for ureadahead (0.100.0-16) ...
ubuntu@ip-172-30-0-237:~⟫ sudo pollinate -s http://localhost:80
sudo: unable to resolve host ip-172-30-0-237
pollinate: system was previously seeded at [2016-07-29 18:35:31.536507000 +0000]
pollinate: To re-seed this system again, use the -r|--reseed option
ubuntu@ip-172-30-0-237:~⟫ sudo pollinate -s http://localhost:80 -r
sudo: unable to resolve host ip-172-30-0-237
pollinate: system was previously seeded at [2016-07-29 18:35:31.536507000 +0000]
pollinate: client sent challenge to [http://localhost:80]
pollinate: client verified challenge/response with [http://localhost:80]
pollinate: client hashed response from [http://localhost:80]
pollinate: client successfully seeded [/dev/urandom]
ubuntu@ip-172-30-0-237:~⟫ sudo pollinate -s http://localhost:80 -r
sudo: unable to resolve host ip-172-30-0-237
pollinate: system was previously seeded at [2016-07-29 18:41:22.500805583 +0000]
pollinate: client sent challenge to [http://localhost:80]
pollinate: client verified challenge/response with [http://localhost:80]
pollinate: client hashed response from [http://localhost:80]
pollinate: client successfully seeded [/dev/urandom]
ubuntu@ip-172-30-0-237:~⟫ sudo pollinate -s http://localhost:80 -r
sudo: unable to resolve host ip-172-30-0-237
pollinate: system was previously seeded at [2016-07-29 18:41:30.108805583 +0000]
pollinate: client sent challenge to [http://localhost:80]
pollinate: client verified challenge/response with [http://localhost:80]
pollinate: client hashed response from [http://localhost:80]
pollinate: client successfully seeded [/dev/urandom]
ubuntu@ip-172-30-0-237:~⟫ sudo pollinate -s https://localhost:443 -r
sudo: unable to resolve host ip-172-30-0-237
pollinate: system was previously seeded at [2016-07-29 18:41:31.864805583 +0000]
pollinate: client sent challenge to [https://localhost:443]
Jul 29 18:41:57 ip-172-30-0-237 pollinate: WARNING: Network communication
failed [0]\n18:41:57.604418 * Rebuilt URL to: https://localhost:443/
18:41:57.604501 * Hostname was NOT found in DNS cache
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:--
018:41:57.608989 * Trying 127.0.0.1...
18:41:57.609614 * Connected to localhost (127.0.0.1) port 443 (#0)
18:41:57.610109 * successfully set certificate verify locations:
18:41:57.610133 * CAfile: /etc/pollinate/entropy.ubuntu.com.pem
CApath: /dev/null
18:41:57.614255 * SSLv3, TLS handshake, Client hello (1):
18:41:57.614281 } [data not shown]
18:41:57.614344 * SSLv3, TLS handshake, Server hello (2):
18:41:57.614362 { [data not shown]
18:41:57.614405 * SSLv3, TLS handshake, CERT (11):
18:41:57.614423 { [data not shown]
18:41:57.614578 * SSLv3, TLS alert, Server hello (2):
18:41:57.614601 } [data not shown]
18:41:57.614653 * SSL certificate problem: self signed certificate
18:41:57.614674 * Closing connection 0
curl: (60) SSL certificate problem: self signed certificate
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
ubuntu@ip-172-30-0-237:~⟫ sudo pollinate -s https://localhost:443 -r --insecure
sudo: unable to resolve host ip-172-30-0-237
pollinate: system was previously seeded at [2016-07-29 18:41:31.864805583 +0000]
pollinate: client sent challenge to [https://localhost:443]
pollinate: client verified challenge/response with [https://localhost:443]
pollinate: client hashed response from [https://localhost:443]
pollinate: client successfully seeded [/dev/urandom]
ubuntu@ip-172-30-0-237:~⟫ tail -f /var/log/syslog | grep pollen
Jul 29 18:40:42 ip-172-30-0-237 kernel: [ 318.322041] init: pollen-restart
main process (4124) terminated with status 1
Jul 29 18:40:42 ip-172-30-0-237 pollen[4170]: pollen starting at
[1469817642774105618]
Jul 29 18:40:42 ip-172-30-0-237 kernel: [ 318.598660] type=1400
audit(1469817642.964:15): apparmor="STATUS" operation="profile_load"
profile="unconfined" name="/usr/bin/pollen" pid=4178 comm="apparmor_parser"
Jul 29 18:41:22 ip-172-30-0-237 pollen[4170]: Server received challenge from
[127.0.0.1:58344, pollinate/4.21-0ubuntu1~14.04 curl/7.35.0-1ubuntu2.7
cloud-init/0.7.5-0ubuntu1.19 Ubuntu/14.04 GNU/Linux/3.13.0-93-generic/x86_64
Intel(R)/Xeon(R)/CPU/E5-2676/v3/@/2.40GHz] at [1469817682497520057] with
[e3110] available
Jul 29 18:41:22 ip-172-30-0-237 pollen[4170]: Server sent response to
[127.0.0.1:58344, pollinate/4.21-0ubuntu1~14.04 curl/7.35.0-1ubuntu2.7
cloud-init/0.7.5-0ubuntu1.19 Ubuntu/14.04 GNU/Linux/3.13.0-93-generic/x86_64
Intel(R)/Xeon(R)/CPU/E5-2676/v3/@/2.40GHz] at [1469817682497592495] in
[0.000123s] with [e2430] available
Jul 29 18:41:30 ip-172-30-0-237 pollen[4170]: Server received challenge from
[127.0.0.1:58345, pollinate/4.21-0ubuntu1~14.04 curl/7.35.0-1ubuntu2.7
cloud-init/0.7.5-0ubuntu1.19 Ubuntu/14.04 GNU/Linux/3.13.0-93-generic/x86_64
Intel(R)/Xeon(R)/CPU/E5-2676/v3/@/2.40GHz] at [1469817690105111041] with
[e3087] available
Jul 29 18:41:30 ip-172-30-0-237 pollen[4170]: Server sent response to
[127.0.0.1:58345, pollinate/4.21-0ubuntu1~14.04 curl/7.35.0-1ubuntu2.7
cloud-init/0.7.5-0ubuntu1.19 Ubuntu/14.04 GNU/Linux/3.13.0-93-generic/x86_64
Intel(R)/Xeon(R)/CPU/E5-2676/v3/@/2.40GHz] at [1469817690105175112] in
[0.000121s] with [e2423] available
Jul 29 18:41:31 ip-172-30-0-237 pollen[4170]: Server received challenge from
[127.0.0.1:58346, pollinate/4.21-0ubuntu1~14.04 curl/7.35.0-1ubuntu2.7
cloud-init/0.7.5-0ubuntu1.19 Ubuntu/14.04 GNU/Linux/3.13.0-93-generic/x86_64
Intel(R)/Xeon(R)/CPU/E5-2676/v3/@/2.40GHz] at [1469817691860329191] with
[e3081] available
Jul 29 18:41:31 ip-172-30-0-237 pollen[4170]: Server sent response to
[127.0.0.1:58346, pollinate/4.21-0ubuntu1~14.04 curl/7.35.0-1ubuntu2.7
cloud-init/0.7.5-0ubuntu1.19 Ubuntu/14.04 GNU/Linux/3.13.0-93-generic/x86_64
Intel(R)/Xeon(R)/CPU/E5-2676/v3/@/2.40GHz] at [1469817691860396677] in
[0.000136s] with [e2441] available
Jul 29 18:42:04 ip-172-30-0-237 pollen[4170]: Server received challenge from
[127.0.0.1:33630, pollinate/4.21-0ubuntu1~14.04 curl/7.35.0-1ubuntu2.7
cloud-init/0.7.5-0ubuntu1.19 Ubuntu/14.04 GNU/Linux/3.13.0-93-generic/x86_64
Intel(R)/Xeon(R)/CPU/E5-2676/v3/@/2.40GHz] at [1469817724277826067] with
[e3106] available
Jul 29 18:42:04 ip-172-30-0-237 pollen[4170]: Server sent response to
[127.0.0.1:33630, pollinate/4.21-0ubuntu1~14.04 curl/7.35.0-1ubuntu2.7
cloud-init/0.7.5-0ubuntu1.19 Ubuntu/14.04 GNU/Linux/3.13.0-93-generic/x86_64
Intel(R)/Xeon(R)/CPU/E5-2676/v3/@/2.40GHz] at [1469817724282455502] in
[0.004709s] with [e2726] available
** Tags added: verification-needed
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to pollen in Ubuntu.
https://bugs.launchpad.net/bugs/1605635
Title:
[SRU] Please backport pollen
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pollen/+bug/1605635/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
