From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 7016599000890474496 X-Received: by 2002:a5d:4b8c:: with SMTP id b12mr12465441wrt.31.1634285206015; Fri, 15 Oct 2021 01:06:46 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a1c:2051:: with SMTP id g78ls5852946wmg.0.canary-gmail; Fri, 15 Oct 2021 01:06:45 -0700 (PDT) X-Google-Smtp-Source: ABdhPJx7f4SPuWg7gsHHHT72jg0m13dlWIaZWi+BL+YqOGo/2QnCfbyFgo8alulY23uU0Txbkwtf X-Received: by 2002:a05:600c:3b82:: with SMTP id n2mr24260853wms.46.1634285205055; Fri, 15 Oct 2021 01:06:45 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1634285205; cv=pass; d=google.com; s=arc-20160816; b=cE9D9EhSVIJuybzmO2cEHzhSrgOIK04XS/acwAYTuplRDnaJRmJ6NkbI8kiloP2QAn 3j7or3bErflefMVOB8odp2FF9KDMtG7KRyH7f7/3fzonLAbGbtbMG4kHnBUEhG6f9rJP EyqoJ2Eruh1tLGP7SlkJ4APSabPhDRGRpT73y754M7PDmGJispRlcFmHtwP89Bwj+zdq ybBmLJQag0opvxJb7kYlBOmZmze3URTM6V/qeTWApWRcrv5/wpYPSHoFKcCEFJDm3W8a vj7Zy33EGxm0eUCBnGhCkt6Pq8ZhIZPqSV1n1bb7WqssnLN085fbTn2O4clo9SwXlTky 41EQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=CPfc5kXi2wxa9nH2Zip6tJ4Nd67a8m1CDEjPG+62t/I=; b=ZkkxgyNvl2t6ek9DI/jgYJegqr4wipEipJZ3F5lSqQtSyrFS1e21KXhjfJg2xUL21J w9RNFbF7D67d6ssgTv6Ekr2yCxCCaxPnd+dKzmawzvAU+STdeYY1ciWZX0GwqCfX+FbO T5M9iROfzxfvGKBqZtdpS6AzoDXqjPp72ZCg9Qm1yj/U3surgnJ8WzZ1BbuZmmcp02JE NO9XcYGHCd3g600DNKdeWusAVjVJlnSmv+O/fNcV4Ub/92fJWkvBRUMP/jjSBVMu/UCv bLuBGsVebCQS/r0Fu5i4wE+IL3lbmEp9F1+jbGD/4xI510ogfV9M6LexQDT+5wTXGxDb WT9g== ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.onmicrosoft.com header.s=selector1-siemens-onmicrosoft-com header.b=MOGwfHLe; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of florian.bezdeka@siemens.com designates 2a01:111:f400:fe08::61d as permitted sender) smtp.mailfrom=florian.bezdeka@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Return-Path: Received: from EUR03-AM5-obe.outbound.protection.outlook.com (mail-am5eur03on061d.outbound.protection.outlook.com. [2a01:111:f400:fe08::61d]) by gmr-mx.google.com with ESMTPS id l3si373165wml.2.2021.10.15.01.06.44 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 15 Oct 2021 01:06:45 -0700 (PDT) Received-SPF: pass (google.com: domain of florian.bezdeka@siemens.com designates 2a01:111:f400:fe08::61d as permitted sender) client-ip=2a01:111:f400:fe08::61d; Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.onmicrosoft.com header.s=selector1-siemens-onmicrosoft-com header.b=MOGwfHLe; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of florian.bezdeka@siemens.com designates 2a01:111:f400:fe08::61d as permitted sender) smtp.mailfrom=florian.bezdeka@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fjFLYZtc1a8I4fIpJtxnZQ4SLkOUy42iiTR+0vO3SKyoa7qjcQ8uaNdgr1tVN/NYhrlrzqOUrfufZtfZXYu2is/IOo4dzS/Y/8qqtKUY5uZhRSVIw4QnG+83qLe35szfEDbMRG7EauTJ1pvT5uhrfvBLJaVbE4we/UQ/KzgvUXeDTtZoTrkNs1MUhvxO06Qo4algIU4A9BMD1WcsfFRKYXag4BT2m4HzEAtm48yHXTqGYqtOaMlm74QlTXUsmZxwBYJVaZFchRv1jmFGyWq+0makzoLzCHembyFy5ZCDkyUg3miuIcHilJjQzMA+eG7SQQoe6cEEDSIa7dCg4eeNow== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=CPfc5kXi2wxa9nH2Zip6tJ4Nd67a8m1CDEjPG+62t/I=; b=lbY49E9tn5ONqyHGeHCvGYwUt2PQOoQQkaLWOeztCoi67fKH5jFKnJqkMrT/XE3SZxzTemiuBQHoYnbVcdRj0BPPEXZmwSzqQzQUzO9cqzYjgPFpFsZzuWSQO9vt++3jepUdg2jTB4XI27LFn9+mcwYjlcbqFCuL27GD27D82nPzJw2Hm97csygKvjL/lFwfSHNfoP/a9DBZByHSV/g57kTFFTnGgEWzvB0E/yl4c5Gr7gyXh6fWpjhJsgGrrvEraE7l5vugo0XZ03NWVh2UZhSthY1TDBwLLTW0n86fmvjls5i62T8TbC2vNSZTaCoxU5B+uQil/vH+0ftPYL2NWQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.onmicrosoft.com; s=selector1-siemens-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=CPfc5kXi2wxa9nH2Zip6tJ4Nd67a8m1CDEjPG+62t/I=; b=MOGwfHLegG76AJ6B4v8S0pXo0mPOQsB8yy4BhOtGQ59xrvrWr8/+X+rY0Lh7TrOaNqw3W2sgbuiIJ2H998JKJO9IO3T+cNvJmvWThoEYY9aviGKX6r+PudvEStG0kb1Ns+fen22dNSrX+Lk42GjCJLQdJb0sCuH7ThFsPlrLKts= Authentication-Results: googlegroups.com; dkim=none (message not signed) header.d=none;googlegroups.com; dmarc=none action=none header.from=siemens.com; Received: from AM0PR10MB1906.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:208:49::10) by AM4PR1001MB1236.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:200:98::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.22; Fri, 15 Oct 2021 08:06:44 +0000 Received: from AM0PR10MB1906.EURPRD10.PROD.OUTLOOK.COM ([fe80::7c9e:d40e:39ca:97ac]) by AM0PR10MB1906.EURPRD10.PROD.OUTLOOK.COM ([fe80::7c9e:d40e:39ca:97ac%6]) with mapi id 15.20.4587.031; Fri, 15 Oct 2021 08:06:44 +0000 From: Florian Bezdeka To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, henning.schild@siemens.com, Florian Bezdeka Subject: [PATCH v2 1/2] sshd-regen-keys: Start key generation after entropy seed Date: Fri, 15 Oct 2021 10:06:37 +0200 Message-Id: <20211015080638.12765-2-florian.bezdeka@siemens.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20211015080638.12765-1-florian.bezdeka@siemens.com> References: <20211015080638.12765-1-florian.bezdeka@siemens.com> Content-Transfer-Encoding: 8bit Content-Type: text/plain X-ClientProxiedBy: VI1PR0102CA0056.eurprd01.prod.exchangelabs.com (2603:10a6:803::33) To AM0PR10MB1906.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:208:49::10) Return-Path: florian.bezdeka@siemens.com MIME-Version: 1.0 Received: from localhost (2a02:810d:82c0:38fc:e180:2248:7590:2b4d) by VI1PR0102CA0056.eurprd01.prod.exchangelabs.com (2603:10a6:803::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4608.14 via Frontend Transport; Fri, 15 Oct 2021 08:06:43 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: ecf5b504-42f3-4efb-bcc2-08d98fb2ba2c X-MS-TrafficTypeDiagnostic: AM4PR1001MB1236: X-LD-Processed: 38ae3bcd-9579-4fd4-adda-b42e1495d55a,ExtAddr X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:6430; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: VxQeIwoAeSEzVSiecwWGqWr0zAAeVzP9HYRjooHi2NPyVtR2FcApRYwZQcvOtyfUybGbo7BRBHgWm4R4HzrdSwh0BhoIjsePQoUGJsCcfy5RZ1984lVmgyfV3u4MIdP9k9zihBp4TA7J70MNEipj+s+g7BW4DhLTzKKZLkuxWXnFeWZX6yVYYRkj/Ulr2o3OwpDwAtIZFYR9qm2dRLVg/hs07mfbz2KqADfrhv2tGEfltNRuRe2hIaTjGcR2LoAPWmsCG8x7m+1v+YuuSQM1WbIPjTlje3zXq9TCDJAe780j5TE5ZvJk7PLXOTbkjI3kIoJWuXaejM+H6iS3oHC7PTsY1P664vBrWf/JdW00CgNEW7qjQbbOQe/rrFijwGlZHveB+5KY025nTExolYAYQBEthAKScqbChwkZ1umntyXC9EDQ40XUf1RDo/k+lfCY282efgW02fd/YOPI+Gc3LcA61EEwlKgOhypHLh77weE8r8kVvo49FGZ4Xi9ZRQvg5cN71BbTC7vJ0pcR4MZggTRDJFHPVMu7GK6863y1KGbSixogsegMN8aZkvmf0Y2zaqqMPCX/2QZjs9UayYqIzmTWT1ilWrNyU0h/n2GiHWnArMCYC/uh+aVITY7xUOqyt5z/zVjWjhs/jc8fDS42wg== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:AM0PR10MB1906.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(4636009)(366004)(6916009)(8676002)(5660300002)(66946007)(6486002)(186003)(8936002)(86362001)(6496006)(2616005)(36756003)(82960400001)(66556008)(38100700002)(44832011)(6666004)(508600001)(316002)(1076003)(107886003)(2906002)(4326008)(66476007);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?zfXAB2PwuvsYsT5/T51nJkU83x5OkA1bNw0E//XEJPGzTNNZLMaT3Ff9bVxu?= =?us-ascii?Q?RXxbG61qcHJc3zhGzY1wxvQFHNa/cYODEXjpeIehJG9RfhH+RrnBL/eybdC6?= =?us-ascii?Q?/kWLpBtDzRBLqh9JLDA61l+S3cmuMWJAfvL0MS9Xjgb4dmUQ5u+K+RcwVagR?= =?us-ascii?Q?3jmJAqKj8Pa6gKDjJGrNpndGst2D9723ce3RoU672PemuxhXVhVN8t39KCKd?= =?us-ascii?Q?1KXDwzj/eSR1CkovrTmkpAtzo9IX9jRPtLNptzK0uhA7OlKB+pPbsOi7u+EK?= =?us-ascii?Q?X2PQOH4mpm0VM6xLD8hdlLH4ejXoTOQ6947Hk1Xe4Z1+51bnutLCohBRuqQ4?= =?us-ascii?Q?xhM28TyU8A2ejgiqJsVFCPRR/f1VUiNhS3vA/xfc7Y9B2J4Ksb5v1bvzUx9i?= =?us-ascii?Q?Yu5l9KaaQgkGSsQLCa3B+ZkzcYJtfuY1qXFFGKOYDTrMvmXoNjKNs/lgI3c3?= =?us-ascii?Q?rDeoUgGlj+oyl/SRkJdw+j8nZch4dXSiQ/pW3rpOjIxuuK6o7jH19/LtF3KX?= =?us-ascii?Q?KZICs3S+8Vt9v8XApG0yPGZdpsMrDXjJaCczdo/+u4YC78PnOzjfT4y0F+2P?= =?us-ascii?Q?0+UvhVEP1MtHH/6Hhjh9hyrhX5NUxGCV1qO67F5K9cxvCL/24MGFg14pZ8t8?= =?us-ascii?Q?Msl84BXQ3gJIE5TTPiOlbjeg00ilFi/3sQ77VJq06V9uVrUmSWciM/f8nom+?= =?us-ascii?Q?TdP7hOUxVhrMxJLjvd39rXezVzq6h7m3xyHvLGFjzwsf8PXvBoA9AzZfnp05?= =?us-ascii?Q?45gMB8fShw3g3ZgufW4uVRyqhRzJ5A7WbOtdYdjJFk6BdGRMG5t1qtjxbaX0?= =?us-ascii?Q?OSKixfg/nU+Ziq9sO5nagiwzDsxqWCdiG4HOACKrd3SytIH7Sil4yDvXbVU6?= =?us-ascii?Q?WmD+bQqjrKEpTRocn9TmPD3c2XU5u6yEi9EBpsdqHbFEl4kHr6kdRwS8xaBt?= =?us-ascii?Q?oLvDYVcXZnNCu9pWVEEMN2KU2jEZvgFpAcSr6Ajzbir8yHYEZULLBcS423fZ?= =?us-ascii?Q?XOeBme/COGbCZaIjzgaXaFfIQhpnj4PAsQNtjgKW/PQmQ9SvvPC7w54gpsEv?= =?us-ascii?Q?fma6+ADF7qQR8GApaqHcauRSModn3RcnN5CdbSzTNF5vFM5vnuK83wKYOZIm?= =?us-ascii?Q?f650UtDbFcunVFLOQJUgRvoGeB83nmmAChTnBUJCj9D99T5S+rHia7n+h7oj?= =?us-ascii?Q?YNGTY21MPimaFEOaVOKpLCUBDfUCPdTAOhBCUU6TKLq7v8QV3uO93EBketbS?= =?us-ascii?Q?BtlqWnVkzc9WbE+e1z8oFK0f06X+tgT1RFo8jMclf7qzr1vtOSqCDG2rnLhV?= =?us-ascii?Q?Lb4ZGSTBNRIg/IEjZgd3egIIalQdWuKVTtZ8KBl7h3xf4ZPNW1ATibwipgHp?= =?us-ascii?Q?RDKOYBBTSy+lkN5tg9w49D6AhJwe?= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: ecf5b504-42f3-4efb-bcc2-08d98fb2ba2c X-MS-Exchange-CrossTenant-AuthSource: AM0PR10MB1906.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Oct 2021 08:06:44.1419 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 62tvilcCfKmHsKgMFbF+P3QSwKMZRlE6VlqqS7tCBgKL8ae+lC8za/bE96Gyzt0weHlROhR+GEi5Cg2SFOZ1hStyAn3zsPG4hJxJm04IrPc= X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4PR1001MB1236 X-TUID: woQQCeVUtlSU Especially on low-end systems (including arm on qemu) it could happen that the key generation took extremly long. As side effect some other services (like the ones for serial consoles) run into the configured timeouts. [ TIME ] Timed out waiting for device /dev/hvc0. [DEPEND] Dependency failed for Serial Getty on hvc0. [ TIME ] Timed out waiting for device /dev/ttyAMA0. [DEPEND] Dependency failed for Serial Getty on ttyAMA0. Delaying the key generation to the point in time where systemd-random-seed finished solves this problem. My current understanding is that the regeneration is waiting for enough entropy which is being seeded in parallel. Signed-off-by: Florian Bezdeka --- .../sshd-regen-keys/files/sshd-regen-keys.service | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-support/sshd-regen-keys/files/sshd-regen-keys.service b/meta/recipes-support/sshd-regen-keys/files/sshd-regen-keys.service index af98d5e..1beb664 100644 --- a/meta/recipes-support/sshd-regen-keys/files/sshd-regen-keys.service +++ b/meta/recipes-support/sshd-regen-keys/files/sshd-regen-keys.service @@ -3,6 +3,7 @@ Description=Regenerate sshd host keys DefaultDependencies=no Conflicts=shutdown.target After=systemd-remount-fs.service +After=systemd-random-seed.service Before=shutdown.target ssh.service ConditionPathIsReadWrite=/etc -- 2.31.1