rngd.service loaded failed failed Hardware RNG Entropy Gatherer Daemon

I

ihr

Member
Dec 25, 2022
37
5
13
I've started a VM using Amazon Linux 2. It was running in KVM from a Centos 8 server without any issues. But once moved to proxmox the `rngd` service that fails to start.
Window.png

I've already added a VirtIO RNG hardware device, I tested first with default values 1024 bytes / 1000 ms but the problem persist. Now testing with 16384 bytes and 500ms and still the same problem persist.

Window-2.png

Even with 0 bytes (as stated in the documentation) the service does not properly start.

What else can I do?
 
Could you please provide the output of systemctl status rngd.service?
This should give the reason why it failed to start.
 
Hello,

Thank you for your response, here is the output of that command:

Window-3.png

I actually fixed it by explicitly adding the -r and -o parameters to the /lib/systemd/system/rngd.service file:

Window-4.png

But I still don't know where the root of the problem is. Maybe it is related with the CPU defined (kvm64) and the lack of flags to the selected processor like rdrand https://en.wikipedia.org/wiki/RDRAND or something like that.

Regards
Ignacio
 
Generally speaking, rngd is not really needed anymore for kernels 5.6+, since /dev/random was made non-blocking.
Also, using -r /dev/urandom -o /dev/random is a very bad idea, since you are essentially filling your entropy pool from the system itself. See e.g. this bug report.

So if your VM runs on 5.6+, I'd recommend just uninstalling rng-tools (which rngd is part of). It's just not needed anymore at all.
 
cheiss said:
Generally speaking, rngd is not really needed anymore for kernels 5.6+, since /dev/random was made non-blocking.
Also, using -r /dev/urandom -o /dev/random is a very bad idea, since you are essentially filling your entropy pool from the system itself. See e.g. this bug report.

So if your VM runs on 5.6+, I'd recommend just uninstalling rng-tools (which rngd is part of). It's just not needed anymore at all.
Click to expand...
Good point!

I reverted the /lib/systemd/system/rngd.service file to original state (without -r and -o parameters) and modified the VM processor to IvyBridge. Now, the VM starts with Amaon Linux (AWS 2) without any issues.

The problem is definitivelly related with the CPU features available with the default kvm64 processor.
 
You must log in or register to reply here.
Top Bottom