How to make sure TrueRNG is used by GPG/SSH?

[semaphoreMember]

Hi,

I wanted to make sure I am using TrueRNG correctly for key generation. I have it installed on my system and rngtool test passes. How can I make sure gpg and ssh-keygen uses it for it’s rng source? Sorry if this is a simplistic question but I have not been able to find a definitive answer.

[semaphoreMember]

Why is this question not worthy for you to respond to but mdev questions are?

[Ubld.it StaffModerator]

Sorry about that, the mdev question was something relating to OS support for the TrueRNG, where as the ssh-keygen and gpg questions involve digging through source code that we didn’t write, so they take a lot longer, and furthermore it’s tricky if we notice something and tell you bad info based on some application we didn’t write so we will try our best.

– this is assuming a normal Linux install with the udev/mdev rules and rngd running to seed /dev/random –

First, digging through GnuPG’s site, I came across an old FAQ here searching for dev/random i see questions such as “Why does it sometimes take so long to create keys? and them referring that they need random bytes from /dev/random service.

This is a good indication that gpg is actually using /dev/random for key generation.

next digging through the source code, we find the configure script as options on specifying the entropy gatherer… you can choose linux or egd entropy gathering daemon, and there is a reference that NetBSD needs to use /dev/urandom. [doesn't segment pseudo and real random in random/urandom like Linux does].

So the ultimate question here is how was your gpg built? Looking to analyze my own gpg that came with Ubnuntu, I ran “gpg –gen-key” through strace and I do indeed see some indication of this;

I see a write system call to the screen saying “We need to generate lots of random bytes” [which you should be used to if you generate keys a lot], then I see a open system call opening /dev/random, and a read statement reading bytes.

While not definitive, it looks a lot like gpg is actually opening /dev/random and using it for key generation in my copy.

Now moving along to ssh-keygen, I start out trying to do the same thing, I come across the man page for ssh-keygen and it states here ssh-keygen man page that at the bottom it says there is an environment variable called “SSH_USE_STRONG_RNG” and states that by default it uses /dev/urandom which is pseudorandom, but you can set the environment variable to tell it to use /dev/random.

So I go to test this theory in the same manor. run ssh-keygen -f /tmp/foo with strace and look for /dev/random being opened. I don’t see any reference to either, but it does reference the fact it is obtaining its entropy from openssl libraries. I tried to do the SSH_USE_STRONG_RNG environment variable under my own install of Ubuntu, but that statement isn’t in my man page for ssh-keygen. A quick google search says that a lot of people are on the edge about OpenSSL not using /dev/random for entropy and there are various patches to rectify the subject.

So to make a summary, gpg is probably using true random entropy, and ssh-keygen is not. But neither one of these statements is 100% because of source fragmentation and distro-specific patches.

I hope this helps.

[Author]

Posts