This ("More security features on Buster by HulaHoopWhonix · Pull Request #87 · Kicksecure/libvirt-dist · GitHub"), i.e. setting from
<backend model='random'>/dev/random</backend>
to
<backend model='random'>/dev/urandom</backend>
has to be carefully considered.
Is this recommended / discussed somewhere?
What would happen in the guest if /dev/random on the host (“backend”) blocks?
With havegend and/or jitterentropy-rngd installed on the host, neither /dev/random nor /dev/urandom seems to ever block.
Even without havegend and/or jitterentropy-rngd installed on the host, have inside-VM issues, i.e. /dev/random entropy blocking/exhaustion issues, ever been reported or been reproducible?
If "Entropy, Randomness, /dev/random vs /dev/urandom, Entropy Sources, Entropy Gathering Daemons, RDRAND", i.e.
"/dev/random vs. /dev/urandom
This debate comes from a misconception by the Linux manual writer. […]"
is true, then /dev/random vs. /dev/urandom does not really matter and /dev/urandom would be secure either way.
On the other hand, "Myths about /dev/urandom - Thomas' Digital Garden", while “being a strong critic of using /dev/random”, still concludes:
"Linux’s /dev/urandom happily gives you not-so-random numbers before the kernel even had the chance to gather entropy. When is that? At system start, booting the computer."
And I'd like to add: “When is that? At system start, booting the computer, or when there is a bug.”
It depends on how much entropy KVM reads from the virtio-rng backend and when that is happening. Since there probably never were blocking issues due to use of /dev/random instead of /dev/urandom (?), /dev/random seems better to me.