
> Virtual machines are the other problem. Because people like to clone them, or rewind them to a previously saved check point, this seed file doesn't help you.

There is work on fixing this problem (or, at least, improving the situation) on Ubuntu: http://blog.dustinkirkland.com/2014/02/random-seeds-in-ubunt...



Cloning: okay. Regenerate the seed, and also regenerate your sshd's private key.

But rewinding and restoring to a previous save point? What's the harm in keeping the seed?


I'm not sure what the author's intention was when he said that, but I think there would be a problem if you cloned, and then returned to a previous save point shared with other clones.


That's one thing.

The other one is that after rewinding you've got the identical internal state of the CSPRNG.

So you're possibly reusing the same random numbers (or closely related ones) as before.

Of course, after a short while the rewound VM diverges. It's another flavor of the cold boot case, really.


If I rewind a VM, and it chooses the exact same random numbers this time, I consider that everything acting correctly.
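
The rewind case discussed in this thread, as an added example that is not part of any comment: a toy hash-based generator (`ToyDrbg`, a hypothetical stand-in and not the kernel's CSPRNG) is checkpointed, replayed from the checkpoint, and then replayed again after mixing in entropy from outside the snapshot. The seed value and all function names are constructed for illustration.

```python
import copy
import hashlib
import os


class ToyDrbg:
    """Toy hash-based generator: a stand-in for a CSPRNG's internal state."""

    def __init__(self, seed: bytes):
        self.state = hashlib.sha256(b"init" + seed).digest()

    def reseed(self, entropy: bytes) -> None:
        # Mix fresh entropy into the existing state.
        self.state = hashlib.sha256(b"reseed" + self.state + entropy).digest()

    def read(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            out += hashlib.sha256(b"out" + self.state).digest()
            # Ratchet the state forward so earlier output cannot be recomputed.
            self.state = hashlib.sha256(b"next" + self.state).digest()
        return out[:n]


def run_guest(rng: ToyDrbg, draws: int = 3) -> list:
    """Model a guest drawing 16-byte values (nonces, session IDs, ...)."""
    return [rng.read(16) for _ in range(draws)]


def rewind_demo(seed: bytes = b"constructed-seed-file-contents"):
    rng = ToyDrbg(seed)
    rng.read(64)                        # guest runs for a while
    snapshot = copy.deepcopy(rng)       # hypervisor takes a checkpoint

    first_run = run_guest(rng)          # timeline A after the checkpoint

    restored = copy.deepcopy(snapshot)  # rewind: state is byte-identical
    replay = run_guest(restored)        # timeline B repeats timeline A

    reseeded = copy.deepcopy(snapshot)
    reseeded.reseed(os.urandom(32))     # entropy from outside the snapshot
    fresh = run_guest(reseeded)
    return first_run, replay, fresh


if __name__ == "__main__":
    a, b, c = rewind_demo()
    print("replay repeats first run:", a == b)
    print("reseeded run differs:    ", a != c)
```

The replayed timeline only stops matching the first one once something the snapshot did not capture is mixed into the state, which is why the seed file alone does not help a restored guest.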



