NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: port-xen/40739: no entropy device sourcese on 5.0_RC2 XEN3PAE_DOMU

On Tue, Feb 24, 2009 at 06:00:01PM +0000, wrote:
> >Environment:
> NetBSD 5.0_RC2 NetBSD 5.0RC2 (XEN3PAE_DOMU) #0: Mon 
> Feb  9 10:22:33 UTC 2009  
>  i386
> Architecture: i386
> Machine: i386
> >Description:
> Running MIT's kerberos server, kadmind (for kerberos 5) will not start due
> to a lack of entropy.  There are no entropy sources available to generate
> entropy from.
> % rndctl -ls
> Source                Bits    Type    Flags
>          4346 bits mixed into pool
>             0 bits currently stored in pool (max 4096)
>             0 bits of entropy discarded due to full pool
>          4346 hard-random bits generated
>        210118 pseudo-random bits generated

the problem in the case of a Xen domU is that there's no good source
of entropy. On native systems we use the hard disk as a source
of entropoy; but on a domU it's disabled because others domU could interfere
with it.
rndctl should show xennets as a possible source of entropy, but it has
to be enabled manually.

Manuel Bouyer <>
     NetBSD: 26 ans d'experience feront toujours la difference

Home | Main Index | Thread Index | Old Index