Fwd: Bug#912087: reassign to systemd #912087 | openssh-server: Slow startup after the upgrade to 7.9p1
*** I also tried to post on bugtracker, but I do not see it there ... ***
Hi all !
I also ran into this (very) late crng_init problem which prevents login on console or ssh
on an embedded system, and reading this kind of "the problem does not come from us,
assigned to someone else" behavior makes me feel like the debian community really has a
problem. (And reading this : https://github.com/systemd/systemd/issues/4167 gives some
weight to my feelings (fixing security issues only if we notice them being exploited !!!
wow ...) )
It's loosely based on what's done by haveged (without the HAVEGE algorithm) and what is in
/etc/init.d/urandom and in the "fast init" in the drivers/char/random.c driver.
I feel like it's a quite good compromise between speed, complexity and security.
May be improved with the real HAVEGE algorithm, but I did not have time to use it, and did
not want to have the haveged daemon running forever either (and the packages installed).
Compile with :
$(CROSS_COMPILE)gcc entropy_pool_init.c -o entropy_pool_init -Wall -Wextra
and place result in /sbin
(You make have time to create a debian package for this, I don't have time for debian any
Then modify /etc/init.d/urandom to call entropy_pool_init with saved entropy file as
This should replace the (date and cat "$SAVEDFILE" )>/dev/urandom under "start" case.
you can even improve by calling this as soon as /proc and /dev are available and date got
set (from hwclock), so possibly before eudev/udev on a well configured system with a
recent well configured kernel, which will also remove all these kind of messages :
[ 3.255107] random: udevd: uninitialized urandom read (16 bytes read)