gyver
Joined: 07 Oct 2004
Posts: 46
Posted: Thu Dec 30, 2004 5:54 pm Post subject: Odd sshd crash

I just had to restart OpenSSH (gentoo 2004-03, 2.6.9-linode9 on host33) and I found this error in my logs:
Dec 30 23:25:45 [sshd] fatal: Couldn't obtain random bytes (error 604389476)
Never saw this kind of sshd error before... If it fetches its random bytes from /dev/(u)random, it could mean the UMLs are all using the host's (u)random and there was some kind of starvation occurring.
Note: I'm hosting a small SSL site on the machine, although it wasn't used at this time it could help explain a starvation.
pclissold
Joined: 24 Oct 2003
Posts: 481
Location: Netherlands
Posted: Thu Dec 30, 2004 6:33 pm Post subject:

Sometimes headless machines run short of random entropy because there are no keyboard or mouse events to help generate it - disk and network activity may just not be enough.
The problem of too little entropy generation with UML was discussed here but no real solution was found.
I'm pretty sure that the UML instances maintain their own random entropy pools - they do not access the host pool. Host pool access was suggested as a solution to the problem discussed in the thread mentioned above, but caker wasn't keen in case one greedy Linode depleted the host entropy pool.
caker suggested increasing the entropy pool size - most distros have a default entropy pool size of 512 bytes - I increase mine to 8k so as to save up randomness during normal operations for the times when sshd and mod_ssl need lots and there's not much else going on to generate it.
Code:
fremont root # echo 8192 > /proc/sys/kernel/random/poolsize
gyver
Joined: 07 Oct 2004
Posts: 46
Posted: Thu Dec 30, 2004 6:43 pm Post subject:

Thanks a lot for this summary. Just added kernel.random.poolsize = 2048 in my sysctl.conf file and increased the value manually.
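
A way to watch for the starvation discussed in this thread, as an added example that is not part of the original posts: it reads the kernel's entropy_avail counter alongside the poolsize value the posters changed and flags a low pool. The function names, the RANDOM_DIR override and the 200-bit floor are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): check the kernel entropy pool.
# RANDOM_DIR is a hypothetical override so the functions can be tested offline.
RANDOM_DIR="${RANDOM_DIR:-/proc/sys/kernel/random}"

# read_counter FILE: print the integer stored in FILE; fail if unreadable or non-numeric.
read_counter() {
    [ -r "$1" ] || return 1
    v=$(tr -d '[:space:]' < "$1")
    case "$v" in
        ''|*[!0-9]*) return 1 ;;
    esac
    printf '%s\n' "$v"
}

# entropy_status [MIN_BITS]: compare entropy_avail (bits) with a floor.
# poolsize is printed as the kernel reports it; its unit differs between kernel versions.
# Returns 0 = OK, 1 = LOW, 2 = counters unreadable.
entropy_status() {
    min_bits="${1:-200}"    # assumed floor, tune per host
    avail=$(read_counter "$RANDOM_DIR/entropy_avail") || return 2
    pool=$(read_counter "$RANDOM_DIR/poolsize") || return 2
    if [ "$avail" -lt "$min_bits" ]; then
        echo "LOW avail=$avail poolsize=$pool"
        return 1
    fi
    echo "OK avail=$avail poolsize=$pool"
}

# entropy_min [SAMPLES] [INTERVAL_SECONDS]: starvation is transient, so sample
# repeatedly and print the lowest entropy_avail value seen.
entropy_min() {
    samples="${1:-5}"; interval="${2:-1}"; min=""; i=0
    while [ "$i" -lt "$samples" ]; do
        cur=$(read_counter "$RANDOM_DIR/entropy_avail") || return 2
        if [ -z "$min" ] || [ "$cur" -lt "$min" ]; then min=$cur; fi
        i=$((i + 1))
        if [ "$i" -lt "$samples" ]; then sleep "$interval"; fi
    done
    echo "$min"
}

# Stand-alone use: sh entropy_check.sh --check [MIN_BITS]
if [ "${1:-}" = "--check" ]; then
    entropy_status "${2:-200}"
    exit $?
fi
```

Run from cron or a monitoring agent, the non-zero exit status on LOW gives a record of when the pool was drained, which can be compared with the timestamps of sshd failures like the one logged above.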