From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 7016599000890474496 X-Received: by 2002:a19:8c4b:: with SMTP id i11mr9086703lfj.278.1633679263400; Fri, 08 Oct 2021 00:47:43 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a05:6512:3499:: with SMTP id v25ls1625680lfr.0.gmail; Fri, 08 Oct 2021 00:47:42 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwcyT9/iGAvhZqqRGhKad37O8+4Zc4Kg9q1N3bN+UVbt+1WwV1fS8ajBpaBV3fn0NEV6aH2 X-Received: by 2002:a19:6a16:: with SMTP id u22mr8773943lfu.254.1633679262400; Fri, 08 Oct 2021 00:47:42 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1633679262; cv=pass; d=google.com; s=arc-20160816; b=FsPf6b4hC7w/bakDR7K71sZOgspm29RI2mfZOUx3AkrcF6qnrNMX1CxtT89OnvDQCW OsH6kx/Ze6LYKrty/7jFEYHKsAcu684rpfo8wjKY+ho3mp2OZrtjv7/LQLs/VLi+1PLW QUFbtFfvtVyJgGm/6mZSkNi+YlWfY9rv3cRKN3yZoIlQ79hK4UhEO21LVGyKMltO50u9 Oxb5EIS4vaX5/4yRaeTubmfA1WDmYkJijx6X5SzMWGVmIiQFOqXCmAgeJV+iVHe/NLh+ bXEGTJKLHc6WIYsozxtZrNqfLag1cBm6e8OwKhM8B7WF4isYRsryAatFKMveRQS+y6H9 ozOg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=nucsJhPyXhZffJ4qtZbX5y9o0OuHXsqwg9UKQsjn6dg=; b=RjuQrxAiCcEaX+0wHAKXR+EkiHZvdQjFOLoe7TMIdu3ss+c/th7TdglZGiiau/0i4E 8XlaNszYDs2u2VgqFb3660eArvjwJpWMIPAk0XevB8+c4xav3KAvfgLbafom2VVpNUEK G0faeIsaRzM70JLT9HwSjPTeF9xKPav4cKNl/5oSApJ2zt7I5FR+c/U/IrnsFaASKijJ DD73HOa+GDLPU0hfraGXGm8mWRc5Zdw3c0BdAmjWOPGqcfB7EJw2I2BVtNmqxxAZ0zRr OAgHlpkcvZqCFZNK67xYhEbIkgE1W92dEXA/nTtSztNoxi18jxX7Lu1HdpJmSOWUZf+O KjOg== ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.onmicrosoft.com header.s=selector1-siemens-onmicrosoft-com header.b=H4XQCMmM; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of florian.bezdeka@siemens.com designates 40.107.7.47 as permitted sender) smtp.mailfrom=florian.bezdeka@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Return-Path: Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-eopbgr70047.outbound.protection.outlook.com. [40.107.7.47]) by gmr-mx.google.com with ESMTPS id h4si112740lft.8.2021.10.08.00.47.42 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 08 Oct 2021 00:47:42 -0700 (PDT) Received-SPF: pass (google.com: domain of florian.bezdeka@siemens.com designates 40.107.7.47 as permitted sender) client-ip=40.107.7.47; Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.onmicrosoft.com header.s=selector1-siemens-onmicrosoft-com header.b=H4XQCMmM; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of florian.bezdeka@siemens.com designates 40.107.7.47 as permitted sender) smtp.mailfrom=florian.bezdeka@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=oPyMVMxWWJvPbsnCc+x3njtANBqa19rylzSzWV//9/m0mJRGu5eVVH59vpprHplI0SM5ezD0HG8YwSREaDaWQP+ADtM0zbjJk8U/x+oQLR1J3JHT1LZBz2LnY8UNZNzgB1P9cdm5drL0wEmqRsTDBTTibT0tkn4Bjn8bW1QhSjVqrqcKY2sOfuAm1uuz3wtPTFg8Pk66jD4zmGKGX4vSR8B1JHsnJ0HzKgwxVsyb9e4SPFYHZDcv5aIjN9v6Qe7ziUKEMcIsSeK3inR3Dsbb9ddRZs98nro9sqOCezXtEOW/lLtETbViJZt8EsudNP7LN8tOY4WtztlrNVg4SOH0rw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=nucsJhPyXhZffJ4qtZbX5y9o0OuHXsqwg9UKQsjn6dg=; b=j4NVBd01CqEd+h1JfYDQ9WWk4arjiUYxGAXb0Dg1+FGKdcJQdV5fnP2UOIM6LTFmYB4q/jBXZ1neewupc1MtKG8wGJyL+XjX33PnyBTbsB2OdR1Q0I55U4GuHsTrdPO/XKb0KpI9jdEBEUNn2SF55fVVy8A93hMFeKvG6Hv7RwpTYNIhjAte3Eak4IKo47NI1LL2ZHZfySysi4Zeh4PnLXt7IyXweJk9AGvbN13HHvLF72p03BWEnyqh7xgktu5VQEoj4nRmG/6Togp58VrPbHmqPrH2K2PhvVHc4nHjgk6yVRM8F3x+kvzsba8Ot5BW26qMnMvc2OT+uGDMpgPgMQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.onmicrosoft.com; s=selector1-siemens-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=nucsJhPyXhZffJ4qtZbX5y9o0OuHXsqwg9UKQsjn6dg=; b=H4XQCMmMMz7XmuCGULKBdkCb5jA+cCVFOMpv22G56PAFekCXotinIrMyzULcIOS58mfZuVaDmOcX6Xrg8tUOKM1VWZsnGNe5EfWZu2901PNVSMJBExmsablTiv0wJkfpojatZCT0ENMuS0iM1boCUJ/izVSUCy2zlvFpQbqwM/E= Authentication-Results: googlegroups.com; dkim=none (message not signed) header.d=none;googlegroups.com; dmarc=none action=none header.from=siemens.com; Received: from AM0PR10MB1906.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:208:49::10) by AM0PR10MB2097.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:208:3f::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.21; Fri, 8 Oct 2021 07:47:40 +0000 Received: from AM0PR10MB1906.EURPRD10.PROD.OUTLOOK.COM ([fe80::d07:fc8:871d:3fcc]) by AM0PR10MB1906.EURPRD10.PROD.OUTLOOK.COM ([fe80::d07:fc8:871d:3fcc%6]) with mapi id 15.20.4587.022; Fri, 8 Oct 2021 07:47:40 +0000 From: Florian Bezdeka To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, henning.schild@siemens.com, Florian Bezdeka Subject: [PATCH 1/2] sshd-regen-keys: Start key generation after entropy seed Date: Fri, 8 Oct 2021 09:47:31 +0200 Message-Id: <20211008074732.212145-2-florian.bezdeka@siemens.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20211008074732.212145-1-florian.bezdeka@siemens.com> References: <20211008074732.212145-1-florian.bezdeka@siemens.com> Content-Transfer-Encoding: 8bit Content-Type: text/plain X-ClientProxiedBy: AM6P191CA0064.EURP191.PROD.OUTLOOK.COM (2603:10a6:209:7f::41) To AM0PR10MB1906.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:208:49::10) Return-Path: florian.bezdeka@siemens.com MIME-Version: 1.0 Received: from localhost (2a02:810d:82c0:38fc:30d6:ec3a:bc18:37f5) by AM6P191CA0064.EURP191.PROD.OUTLOOK.COM (2603:10a6:209:7f::41) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.18 via Frontend Transport; Fri, 8 Oct 2021 07:47:40 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: e45c879c-43aa-4d2b-3143-08d98a2fe7ca X-MS-TrafficTypeDiagnostic: AM0PR10MB2097: X-LD-Processed: 38ae3bcd-9579-4fd4-adda-b42e1495d55a,ExtAddr X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:6430; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 8sQ+CykCEJoX18kAVnRXULmt+LKSvZY9qhOtOmOSXyjAv/spoVYPxX2gax66dQz8E87jYYF6M1MR9jOxG6t51dQEw9lZcWtXYvwBKE8IDO5x0RlpK82vWYP+iap4+fjzDXmorqO5jjZ6thLRjyPoCd7wOYYk5YAXg/4LGQ6J/iNSDPGSrQiLe0bx9pef5O1Q2OyLNfOlx3P/u8jm0eMJncWb2UQ8c7jVUM/3u82u/Mrpf8T4nEL73Xjq8XLW25MkpqtfSryIKRzkFpMVPmldDln8FgpeuLSBYk9Y8s3bI9kIZa+HnElFLsnOZffbvUQm9vuiPGf+a7Ncb2FYjPYmzE/4QSNfffKijsVoK7Hurb6r5VicKjuiHjYTXhT+4B82b6txRQCF2ydtWSVxyFeQgeOYpTnZ/tvw+rUeYV9ZKmscGSI45Vh0Fc21HrlkfWcY8W+ztMPD/FWlcukFoitaGzpEb5gDmImdoZ7+HWkhy3A7ty8uywBFsbY5rq1UIGNNp0sw/LIy6bSSUpWd5ylKYHzUanUFq438p+RjyDMIrs/PCmKh5OnxbcFTrIGxsMmb+E59PpqRvGviDNlNfHB8NRTlW2agqJqUSLRoxuLq+dlzIW8Y6IABsuvLR0lzsqbguRk66gsQCEOr0YeYR578vQ== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:AM0PR10MB1906.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(4636009)(366004)(66946007)(66476007)(66556008)(186003)(6496006)(1076003)(508600001)(8676002)(6916009)(8936002)(44832011)(2906002)(38100700002)(316002)(36756003)(6666004)(4326008)(107886003)(5660300002)(6486002)(2616005)(86362001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?4OHxs3qockYGrRPsRWw7abIz2c+KkbVOWHrmgnvlkIs7vpO9mG6wvSgYsj2y?= =?us-ascii?Q?+2vN9cZfBFP+Bs8V1/VmMrGQfYLGf8naL/YMUgZQEh0vJI2RQ+kiJWLaCcGD?= =?us-ascii?Q?R8EZKJmKyQU7cixGPXdsS4rM661mK0OxnmBmiFUh2j1pXNfOI4XLwKBxKttU?= =?us-ascii?Q?xz3TIcEtcrh4bmPd6Ufq/NBr3JbhTkI1/K1vBpJL005IEtf49uWxhD5HcNUB?= =?us-ascii?Q?Q6EvjFX0RNcDpAgNLFXto6jyCzVMnPS7wTyPxof8i3fcAa8faU5QXAFewsOF?= =?us-ascii?Q?RtIsc0etaDnRXsHlHBUJqgASiTTMCmPQBkNW2vvnu0u4FCu++uOqMrShGjB/?= =?us-ascii?Q?uyPT4TSyrWr3sqQ8LBQkXk4lMROeGyhEX4Y1m/whGGrpn4BJA5s9ULttmDVS?= =?us-ascii?Q?FWlG+GhZM+7o4e5yzoJGOv5nFOdwMlBGQfg2+OWyt8TkbTbWIL4q812G1qXC?= =?us-ascii?Q?F4SrwhBNNSimMGaZCHwiNujJJnFdFuu3QXoKzjSthzG6O6B6I/9FWFle9ezf?= =?us-ascii?Q?bmbjzfFeSpvVtgf6rLUDPQtM0SODKAvD3HxN8mF8IuTUP220FHCODppB9c/T?= =?us-ascii?Q?ITdfxUu2uyJ/TlEz6WcZHZBVae5HghpSO8lMtamvp440QZnmHoMkE3T3hj+A?= =?us-ascii?Q?sCTE3MxGULb+kFd5NWSeepmgjcXedc/NH04rwOMguJLXmTgHuSE4k7Wsc75s?= =?us-ascii?Q?k7S4j9i+FBsEqbvM5blwtkTd7dQTHKPMlHnCq4XBqEPntvfxHJxqG8Nangma?= =?us-ascii?Q?4xQoTeZMj0o7NL+vwZ/dFv2Dyb5tPF+wfLSJWGNyS+zxGjDecQvwyCRuoH2i?= =?us-ascii?Q?r3hJG1+gkxaBPFOUIhRPaan15CWW3m9xJnbe4rph9lPEPV41Z4XpHZTouYOI?= =?us-ascii?Q?wTQ9qHFWFplnTia0otCCs+Xqeicsgo19h2UHsblMoLOLPD0jj4xUp0YFBOya?= =?us-ascii?Q?rBJY3bv3ePlQ5LA4SUca27sgA4aLFu+on0/GO53N7Q9q+5CjEjnosJC5vLv3?= =?us-ascii?Q?aYuHFRTcQ55D7xHRcfxONt0QIuHLZ4DSmUx03MZXDPe28JaXv3lyZcBe6stN?= =?us-ascii?Q?KN5QJKzkKgWNUD5J2fTzkURlHnBhmADoOhVwgEBJVWTEdqdsHQhyfZ9oqUhU?= =?us-ascii?Q?WS6XZknZFZTkILJULtF7hPatp0WTfTBVbxWu1+zq6uCsSOJzS0MqVc9FsfZh?= =?us-ascii?Q?XBRiL3KKtKRzLW6Y/3QzjQT1DczPYbWLtEsgltFv92oNATGDn/e5Off3m5TJ?= =?us-ascii?Q?Bsgqkc5me0b6kLR7+BWSwHNXkQ7otzaNk1qBz4SndssjN9eB2HRzv3MWx/AJ?= =?us-ascii?Q?2uGkDgB9DomdozaqDHEEUNCMMG1m84mUhYnUngdjmCByQ2hWsUGsnp2Gdfhk?= =?us-ascii?Q?u0+PGIWx7WQu20s8KX+lLqsg6uEQm+z/0Iv31kWFpoJkphndWA=3D=3D?= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: e45c879c-43aa-4d2b-3143-08d98a2fe7ca X-MS-Exchange-CrossTenant-AuthSource: AM0PR10MB1906.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Oct 2021 07:47:40.7339 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: qXrB6Lfb+r5VWAIxOU/g8SdxH76Hcggy6smglESkfDqgyv5xCJ1pXPkU/FgUuMjmLSQnJXjxvXs3Vj/8njcjQZh0h+EWNFbtx18QfWFEVJs= X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR10MB2097 X-TUID: wDstMC3H1yOz Especially on low-end systems (including arm on qemu) it could happen that the key generation took extremly long. As side effect some other services (like the ones for serial consoles) run into the configured timeouts. [ TIME ] Timed out waiting for device /dev/hvc0. [DEPEND] Dependency failed for Serial Getty on hvc0. [ TIME ] Timed out waiting for device /dev/ttyAMA0. [DEPEND] Dependency failed for Serial Getty on ttyAMA0. Delaying the key generation to the point in time where systemd-random-seed finished solves this problem. My current understanding is that the regeneration is waiting for enough entropy which is being seeded in parallel. Signed-off-by: Florian Bezdeka --- .../sshd-regen-keys/files/sshd-regen-keys.service | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-support/sshd-regen-keys/files/sshd-regen-keys.service b/meta/recipes-support/sshd-regen-keys/files/sshd-regen-keys.service index a05e1a9..4d0a8c6 100644 --- a/meta/recipes-support/sshd-regen-keys/files/sshd-regen-keys.service +++ b/meta/recipes-support/sshd-regen-keys/files/sshd-regen-keys.service @@ -3,6 +3,7 @@ Description=Regenerate sshd host keys DefaultDependencies=no Conflicts=shutdown.target After=systemd-remount-fs.service +After=systemd-random-seed.service Before=shutdown.target sshd.service ConditionPathIsReadWrite=/etc -- 2.31.1