Needed entropy for ssh?

Bestbeast

Active Member
Jul 29, 2016
159
3
38
28
Hello guys,

I have just had a problem while trying to login into my debian 10 VM, and it seems that ssh service takes a lot of time to startup, and some times timing out. I just searched a bit, and people was saying because of lack of entropy in VMs, and recommended installing haveged. As soon as I did, the problem was solved.

Can someone explain me why is this happening, and why should I install haveged to make it work? Am I missing something in my VM config?

Kind regards
 

Bestbeast

Active Member
Jul 29, 2016
159
3
38
28
Hello,

It seems debian 10 comes with rng-tools and it fails when it boots, any idea on why?

Kind regards
 

mbosma

Member
Dec 3, 2018
96
11
13
28
Debian 10 is stricter in accepting random data to fill /dev/urandom, this is why everything takes longer to start when running in a vm.
Here's a page from Debian about this "issue":
https://wiki.debian.org/BoottimeEntropyStarvation

To fix this issue install havaged like the article states, or on proxmox you can add a virtio device by adding the following rule to your vm's config:
Code:
args: -device virtio-rng-pci
 
  • Like
Reactions: janssensm

janssensm

Well-Known Member
Dec 18, 2016
228
71
48
From this wiki and post from Daniel Lange I understand that haveged should be used as last resort.
So adding virtio-rng-pci should be the way to go?
If so, if this a structural issue, perhaps this should be a selectable item in proxmox instead of argument.
 

Bestbeast

Active Member
Jul 29, 2016
159
3
38
28
From this wiki and post from Daniel Lange I understand that haveged should be used as last resort.
So adding virtio-rng-pci should be the way to go?
If so, if this a structural issue, perhaps this should be a selectable item in proxmox instead of argument.
Yes, strongly think so
 

mbosma

Member
Dec 3, 2018
96
11
13
28
I use this solution myself too.
Having one daemon to provide isn't that bad, when running 100+ vm's on a host however feels like a waste of resources.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!