Comment 9 for bug 1269073

Robie Basak (racb) wrote :

> Using /dev/urandom does resolve the issue, but is it as secure?

There are more things that could happen to make it less secure now. My understanding: though the early entropy is going to /dev/urandom now, there may be more things that feed from /dev/urandom (thus using that entropy up), and there is nothing to hold Tomcat back to wait for more entropy like there was before.

Must Tomcat block everything while it is waiting for entropy, or does the system still boot?

Fundamentally, the issue is that the system needs an early entropy source, and VMs have little. The kernel decides what is safe and available to use, and so if Tomcat wants high quality entropy and the kernel now says to wait, it'll have to wait.

I wonder if there is a bigger picture solution to this. What if, for example, an external source could optionally provide some entropy to the VM for early boot? cloud-init could take it then, for example, and feed the kernel, at least for the first-ever boot. Disadvantages: you have to trust the host more than you did before; the fed entropy would have been stored, and thus vulnerable to compromise; people may do it wrong. Though I'm no expert, and something like this definitely needs to be checked by an expert before doing it.
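The comment above is about whether a freshly booted VM has enough kernel entropy for a service like Tomcat to start without stalling on /dev/random. The script below is an added example, not part of the bug thread or of Tomcat or cloud-init; it reads the kernel's own estimate from /proc/sys/kernel/random/entropy_avail and poolsize (real Linux files) and flags when the estimate is below a threshold. The 256-bit threshold is an arbitrary choice for illustration, and the file paths can be overridden through environment variables so the check can be exercised against constructed input. On kernels from 5.6 onward /dev/random stops blocking once the pool is initialized, so a low estimate mainly matters for older kernels and for the very first boot.

```shell
#!/bin/sh
# Added example (not from the bug thread): report the kernel's entropy
# estimate and flag when it is below a threshold, as a boot-time check for
# services that read /dev/random early.

# Paths to the real Linux /proc files; overridable for testing.
ENTROPY_AVAIL_FILE="${ENTROPY_AVAIL_FILE:-/proc/sys/kernel/random/entropy_avail}"
POOLSIZE_FILE="${POOLSIZE_FILE:-/proc/sys/kernel/random/poolsize}"

# read_int FILE: print the non-negative integer stored in FILE, or 0 when the
# file is missing, unreadable, or contains no digits.
read_int() {
    v=""
    if [ -r "$1" ]; then
        v=$(tr -cd '0-9' < "$1")
    fi
    echo "${v:-0}"
}

# entropy_low AVAIL_FILE THRESHOLD: succeed (exit 0) when the entropy
# estimate in AVAIL_FILE is below THRESHOLD bits, fail (exit 1) otherwise.
entropy_low() {
    avail=$(read_int "$1")
    [ "$avail" -lt "$2" ]
}

# entropy_report: one-line summary of the live estimate plus a warning when
# it is under the (arbitrary, illustrative) 256-bit threshold.
entropy_report() {
    avail=$(read_int "$ENTROPY_AVAIL_FILE")
    size=$(read_int "$POOLSIZE_FILE")
    echo "entropy_avail=$avail poolsize=$size"
    if entropy_low "$ENTROPY_AVAIL_FILE" 256; then
        echo "low entropy estimate: early readers of /dev/random may block on older kernels"
    fi
}

entropy_report
```

Run it as-is on a VM to see the live numbers; to exercise the logic without /proc, point ENTROPY_AVAIL_FILE at a file containing a constructed value.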