imthenachoman / How-To-Secure-A-Linux-Server

An evolving how-to guide for securing a Linux server.
Creative Commons Attribution Share Alike 4.0 International
17.51k stars 1.12k forks source link

More secure random entropy pool #33

Closed branneman closed 5 years ago

branneman commented 5 years ago

Thanks for this How-To guide, I'm happy this project exists!

A lot of linux servers are headless (no keyboard/mouse/monitor), and therefore have less sources for good entropy as there is no human interaction beyond ssh. There have been cases of headless servers generating predictable ssh keys after boot. [1]

Thus it can be reasoned that security can be increased by setting up additional sources for entropy. A simple sudo apt-get install rng-tools on debian-based distro's already adds value, but there might be more tools available.

I suggest adding this as a section to the guide.

Sources:

ThatLurker commented 5 years ago

A section for hardware based entropy tools could be nice too for example https://www.crowdsupply.com/13-37/infinite-noise-trng

imthenachoman commented 5 years ago

@branneman Wow. That is great. I had never even considered that. Will work on adding it. Thanks!

imthenachoman commented 5 years ago

@pahakalle Now that is interesting. I'd be worried about trusting the hardware tech. I'll do some research. Thanks!

imthenachoman commented 5 years ago

Added something basic for now. I'll add more detail when I have time.

imthenachoman commented 5 years ago

Thanks again!

Triveri commented 3 months ago

Is this still relevant? Some of the sources linked about this topic were updated, and it seems that since version 5.6 of the kernel, /dev/random doesn't block anymore either, and behaves almost the same as /dev/urandom. As such, there doesn't seem to be anymore a need to generate entropy for the randomness pool on modern linux systems.

Also, the problem with headless server generating predictable keys at boot seems to be mitigated by getrandom(2), a syscall available from Linux 3.17 onward, which blocks until it has gathered enough initial entropy, and then never blocks after that point.

Sources:

imthenachoman commented 3 months ago

I'm not sure. I've been a bit occupied with things and haven't had time to dig into this. But I will accept PRs if folks want to make changes.