Entropy question

oO.o · May 8, 2020, 6:58pm

Noticed that openscap has more profiles for RHEL8 now, which is nice. Looking at the NIST one, it definitely addresses some things that the DISA one overlooks. For instance, I don’t think DISA has any entropy hardening which seems like an oversight.

Speaking of entropy, quick question: the NIST profile says to configure strong entropy for ssh):

SSH_USE_STRONG_RNG=32

But caveats by saying:

Warning: This setting can cause problems on computers without the hardware random generator, because insufficient entropy causes the connection to be blocked until enough entropy is available.

A quick search on this yielded this helpful RHEL article which mentions that Intel has included a hardware random generator starting with Ivy Bridge. I assume AMD offers something comparable. Anyone know what the flag is for it so I can set this conditionally in a script?

But what does this mean for earlier processors? I have some old servers running Westmere chips. What’s the entropy source there, or was it just left up to software to work out based on inputs, jitter and that sort of thing? Will configuring ssh this way on those systems lead to the system hanging? Is havgead relevant here?

You can buy usb entropy generators. These appear to be marketed to raspberry pis and similar which makes sense. Is it worth getting something like this for a server from 2011?

Dynamic_Gravity · May 8, 2020, 7:35pm

I believe it just uses /dev/urandom. Or were you referring to something deeper?

SgtAwesomesauce · May 8, 2020, 7:37pm

Uhh, you’re shit out of luck.

Some chipsets have them. Some servers have them as a separate device, it’s really hard to know if your older server has one.

Newer AMD stuff has it, not sure about older stuff.

oO.o · May 8, 2020, 8:14pm

I assume all of this is underneath

Do you know what the processor feature flag is for it?

SgtAwesomesauce · May 8, 2020, 8:20pm

Let me see if I can find it.

I think it’s RDRAND My threadripper has it, and according to wikipedia, “AMD added support for the instruction in June 2015”

cpu info

vendor_id	: AuthenticAMD
cpu family	: 23
model		: 1
model name	: AMD Ryzen Threadripper 1950X 16-Core Processor
stepping	: 1
microcode	: 0x8001137
cpu MHz		: 2159.029
cache size	: 512 KB
physical id	: 0
siblings	: 32
core id		: 15
cpu cores	: 16
apicid		: 31
initial apicid	: 31
fpu		: yes
fpu_exception	: yes
cpuid level	: 13
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid amd_dcm aperfmperf pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb hw_pstate sme ssbd sev ibpb vmmcall fsgsbase bmi1 avx2 smep bmi2 rdseed adx smap clflushopt sha_ni xsaveopt xsavec xgetbv1 xsaves clzero irperf xsaveerptr arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif overflow_recov succor smca
bugs		: sysret_ss_attrs null_seg spectre_v1 spectre_v2 spec_store_bypass
bogomips	: 7584.97
TLB size	: 2560 4K pages
clflush size	: 64
cache_alignment	: 64
address sizes	: 43 bits physical, 48 bits virtual
power management: ts ttp tm hwpstate eff_freq_ro [13] [14]

oO.o · February 6, 2021, 2:20pm

This topic was automatically closed 273 days after the last reply. New replies are no longer allowed.