[Whonix-devel] How to confirm jitter .ko was loaded

• Previous message (by thread): [Whonix-devel] Test results of Jitter RNG
• Next message (by thread): [Whonix-devel] How to confirm jitter .ko was loaded
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 4/24/19 6:21 PM, Stephan Mueller wrote:
> Am Mittwoch, 24. April 2019, 19:30:28 CEST schrieb procmem at riseup.net:
>
> Hi,
>
>> Hi Stephan. Whonix dev here. We are a VM based privacy distro and so are
>> very interested in jitter for our RNG needs.
>>
>> I was wondering how we can confirm jitterentropy's kernel module was
>> successfully loaded during boot so we can be sure it works on some
>> platforms.
> cat /proc/crypto | grep jitter
>> Do you know if it should be functional on the Xen hypervisor where Linux
>> does not have full control over bare-metal?
> Yes, definitely. Besides, the Jitter RNG will not initialize if it finds that 
> the platform does not provide the correct properties for the RNG. The Jitter 
> RNG has also a runtime check. If that runtime check identifies platform 
> failures, you will see that in dmesg :-)
>
> Though, please note that the Jitter RNG in the kernel ONLY seeds the kernel 
> DRBG and NOT /dev/random or /dev/urandom. If you want to seed them, you need 
> either the jitterentropy-rngd (which seems to be currently tested) or the 
> latest version of rngd which contains the JitterRNG as one noise source.

Interesting. The kernel DRBG is synonymous with /dev/random in our
non-expert minds. So is it correct to say jitterentropy-rngd's presence
guarantees /dev/urandom will be correctly seeded? Or does it depend on
service starting order?

>> cc/ our mailing list do our users can benefit.
>
>
> Ciao
> Stephan
>
>

• Previous message (by thread): [Whonix-devel] Test results of Jitter RNG
• Next message (by thread): [Whonix-devel] How to confirm jitter .ko was loaded
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]