[Pkg-openssl-devel] Bug#912087: Bug#912087: openssh-server: Slow startup after the upgrade to 7.9p1
Kurt Roeckx
kurt at roeckx.be
Mon Oct 29 07:38:15 GMT 2018
On Mon, Oct 29, 2018 at 12:28:15AM +0000, Colin Watson wrote:
> Reassigning to OpenSSL - could the OpenSSL maintainers please have a
> look and advise what's best to do? (See the start of the bug, reporting
> a delay of more than one minute in system boot in some cases, mainly
> waiting for sshd to start.)
The biggest change related to this is that we know use
getrandom()/getentropy() on kernels that have it, so kernels
>= 3.17. And the kernel using that interface doesn't return random
numbers until it has been initialized.
Something should be initializing the kernel with random data from
the previous boot. This used to be done by /etc/init.d/urandom,
but I'm not sure if that's still used. This should be done as
early as possible during the boot not to cause such problems. You
should look into when during the boot process the kernel gets this
random data.
Kurt
More information about the Pkg-openssl-devel
mailing list