> Date: Wed, 22 Mar 2023 16:33:55 +0100 > From: Manuel Bouyer <bou...@antioche.eu.org> > > I upgraded a Xen guest from -7 to 10, and run into: > entropy: pid 17200 (python) blocking due to lack of entropy > > how do I get out of this ? I tried various things with rndctl, including > copying /var/db/entropy-file from another host (with hardware RNG),
If you copy /var/db/entropy-file from another host (or, better, create a new one with `rndctl -S') _and load it_ with `rndctl -L' on this host, this will add nonzero entropy to the system; then use `/etc/rc.d/random_seed stop' to save it to disk for the next boot in case you shut down uncleanly. See `Adding entropy' in <https://man.netbsd.org/entropy.7>. You can verify whether the seed file you created with `rndctl -S' (or copied from /var/db/entropy-file) has nonzero entropy by checking the first four bytes, e.g. with: head -c 4 < seed | hexdump -C > and ping -f to generate a faira amount of network traffic, but nothing seems > to work. I can't switch any of my devices to estimate. You can, but network drivers don't claim to the kernel that their sampling process has nonzero entropy. So each sample contributes data to the pool but adds zero to the total, which doesn't affect the total even if you ask the kernel to add it.