info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Bug#912087: reassign to systemd #912087 | openssh-server: Slow startup after the upgrade to 7.9p1
40 views
Skip to first unread message
Sebastian Andrzej Siewior
Nov 29, 2018, 9:00:07 AM11/29/18
to
On 2018-11-28 13:43:07 [+0100], Olaf van der Spek wrote:
> > > They might just as well install haveged or configure virtio-rng in such
> > > a case.
> >
> > Right. Do you think, that it would necessary to add something to the
> > release notes?
>
> I do. ;)
> What's the workaround for VMware?
>
> Does it just take longer to start or do some services not start at all?
It will take longer to start, it will start. Let me pass that workaround
question to someone from vmware/virtualbox and #912087:
On a recent kernel you see something like that:
[ 68.823013] random: crng init done
which means it took almost 69 seconds for the system to initialize its
rng. OpenSSH 7.9 can be compilied against OpenSSL 1.1.1 which in turn
switched to getrandom() (for its randomness).
This syscall will block until kernel's rng is ready which took in this
example almost 69 seconds.
Those "high" numbers are not a problem on decent/recent HW but occur
oftern on in virtualized environments.
For KVM we have CONFIG_HW_RANDOM_VIRTIO. Are there any plans to get
something similar for VMware/Vbox?
[0] http://bugs.debian.org/912087
Sebastian
> > > They might just as well install haveged or configure virtio-rng in such
> > > a case.
> >
> > Right. Do you think, that it would necessary to add something to the
> > release notes?
>
> I do. ;)
> What's the workaround for VMware?
>
> Does it just take longer to start or do some services not start at all?
It will take longer to start, it will start. Let me pass that workaround
question to someone from vmware/virtualbox and #912087:
On a recent kernel you see something like that:
[ 68.823013] random: crng init done
which means it took almost 69 seconds for the system to initialize its
rng. OpenSSH 7.9 can be compilied against OpenSSL 1.1.1 which in turn
switched to getrandom() (for its randomness).
This syscall will block until kernel's rng is ready which took in this
example almost 69 seconds.
Those "high" numbers are not a problem on decent/recent HW but occur
oftern on in virtualized environments.
For KVM we have CONFIG_HW_RANDOM_VIRTIO. Are there any plans to get
something similar for VMware/Vbox?
[0] http://bugs.debian.org/912087
Sebastian
0 new messages