i am trying to set up Passbolt on Ubuntu 22.04 LTS
During the step of checking the entropy I noticed that it is stuck at 256.
I tried to install rng-tools and haveged to increase it but it is still at the value of 256.
I am running Ubuntu 22.04.1 LTS / 5.15.0-48-generic on a VM.
I have read that in a recent update the entropy value was capped at 256 but I can’t figure out if this in any way would hinder Passbolt from working properly.
It’s not a bug or an issue, this has been picked up by thousands of unix users. Everyone running kernel v-5.15.0-47 and up would have the entropy hardcoded at 256.
I am not too sure how passbolt would react to low entropy as i always aim for 3000+ preferably 4096
As I am reading through the patch comments, it appears that the structuring of the random number generation has changed and running out of entropy (or a security concern of an attacker zeroing it out) is no longer a risk?
Maybe I’m reading it wrong, but it seems better to me if the rng process is started with a controllable encryption algorithm rather than vulnerable noise sourcing which can be compromised, leading to no randomness. In this way entropy is always secure and cannot be exhausted.