WelcomeWelcome | FAQFAQ | DownloadsDownloads | WikiWiki

Author Topic: piCore11 ssh delays  (Read 2057 times)

Offline Paul_123

  • Administrator
  • Hero Member
  • *****
  • Posts: 1089
piCore11 ssh delays
« on: May 30, 2020, 10:35:36 AM »
So the issue is that the current version of openssl/ssh require random to finish init before it will allow connections.   This could also be causing problems with any openssl program.

Options:
1) Use rng-tools to allow use of the rpi hardware entropy generations.   This program is has quite a few dependencies.
2) Use haveged.  Please dont start a crypto battle here.   haveged has no additional dependencies.

I've sent up the haveged extension.....once installed, just insert /usr/local/sbin/haveged at the beginning of /opt/bootlocal.sh

I'll update rng-tools, but there are more dependencies for me to chase first.

Offline Juanito

  • Administrator
  • Hero Member
  • *****
  • Posts: 14572
Re: piCore11 ssh delays
« Reply #1 on: May 31, 2020, 12:39:31 AM »
Hmm - I'd guess there's more than one problem here..

Using the same sd card and the same wired network connection, but swapping between an RPi3 and RPi4 I see the following:

Rpi3 - accepts an incoming ssh connection immediately after boot
Rpi4 - takes literally 5mins to accept an incoming ssh connection after boot

Offline Paul_123

  • Administrator
  • Hero Member
  • *****
  • Posts: 1089
Re: piCore11 ssh delays
« Reply #2 on: May 31, 2020, 04:44:01 AM »
Headless boards have very little sources of kernel entropy.....  I think it just depends what the kernel is using on each board.  My rpi4 on its own took almost 200seconds to init.  Adding haveged it inits and allows connections immediately.

Look at dmesg......when does random finish init?   You should be able to connect as soon as it finishes.

Offline Juanito

  • Administrator
  • Hero Member
  • *****
  • Posts: 14572
Re: piCore11 ssh delays
« Reply #3 on: May 31, 2020, 04:50:44 AM »
I get something similar:
Code: [Select]
$ dmesg | grep random
[    0.000000] random: get_random_bytes called from start_kernel+0x90/0x4c0 with crng_init=0
[    1.020436] random: fast init done
[    1.837899] random: mkswap: uninitialized urandom read (16 bytes read)
[  200.971891] random: crng init done

Offline Juanito

  • Administrator
  • Hero Member
  • *****
  • Posts: 14572
Re: piCore11 ssh delays
« Reply #4 on: June 02, 2020, 01:33:12 AM »
..and RPi3:
Code: [Select]
$ dmesg | grep random
[    0.000000] random: get_random_bytes called from start_kernel+0x8c/0x498 with crng_init=0
[    1.828375] random: fast init done
[    2.296416] random: mkswap: uninitialized urandom read (16 bytes read)
[   33.558590] random: crng init done

Offline RockJamm

  • Newbie
  • *
  • Posts: 20
Re: piCore11 ssh delays
« Reply #5 on: June 03, 2020, 01:04:10 AM »
I am also experiencing the slow availability of SSH on RPi4 but not on RPi3.

I've had a go at installing haveged as follows:

tce-load -wi haveged.tcz

and I'm getting 404 not found
« Last Edit: June 03, 2020, 01:05:54 AM by RockJamm »