Mailinglist Archive: opensuse-factory (498 mails)

< Previous Next >
Re: [opensuse-factory] Increase entropy in openQA?
On Thu, 19 May 2016 16:45:44 +0300
Shyukri Shyukriev <shshyukriev@xxxxxxxx> wrote:

On 5/19/16 3:41 PM, Josef Reidinger wrote:
On Thu, 19 May 2016 15:12:57 +0300
Shyukri Shyukriev <shshyukriev@xxxxxxxx> wrote:

Cross-posting to Factory...

Hello All,
I'm struggling with testing OBS Appliances (
https://openqa.opensuse.org/group_overview/17 ) which uses gpg
keygen during setup.
Checking the appliance started with openQA QEMU_VIRTIO_RNG=1
options shows:

cat /proc/sys/kernel/random/entropy_avail
16

while on o.o.o w/o QEMU_VIRTION_RNG entropy_avail is ~37


Googling about the topic suggests using dev/urandom, but it's not
secure enough...

http://linux-audit.com/gpg-key-generation-not-enough-random-bytes-available/
http://serverfault.com/questions/471412/gpg-gen-key-hangs-at-gaining-enough-entropy-on-centos-6

Any ideas?

serial0 log
https://openqa.opensuse.org/tests/196141/file/serial0.txt

Best regards

Hi Shyukri,
in installation when we need good enough pool of entropy we use
haveged service - http://www.issihosts.com/haveged/

Josef


Log shows that it starts and then stops quickly.
Is it normal?

[ 27.093445] systemd[1]: Starting Entropy Daemon based on the
HAVEGE algorithm...
Starting Entropy Daemon based on the HAVEGE algorithm...
[ OK ] Started Entropy Daemon based on the HAVEGE
algorithm. [ 27.105412] systemd[1]: Started Entropy Daemon based on
the HAVEGE algorithm.

.....
[ 27.355541] systemd[1]: Stopped Entropy Daemon based on the HAVEGE
algorithm.

It looks strange for me. I see that yast only stops haveged after
unmounting disks, which should not be your case. So maybe check logs
who stops it. As enabled haveged can really help you.

Josef
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >