Getrandom() initialization failed

Ian999 · 15 January 2019 00:29

Any ideas on the cause of this

I have just updated my SD card to 30Oct18 and I am experiencing the same issue on reboot.

WARNING emoncms-org emoncms-org couldn’t send to server, URLError: getrandom() initialization failed. (_ssl.c:661) 2019-01-15 00:25:12,511 WARNING emoncms-org send failure: wanted ‘ok’ but got ‘’

As soon as I manually restart emonhub it is fine.

Thanks

Ian

Tockley · 15 January 2019 00:46

No root cause fix I am aware of. I have to restart emonhub whenever emonpi is rebooted to get data to log to emoncms.

Greebo · 15 January 2019 02:27

Looks like a problem with random number generation (getrandom() initialization failed)

This post from stack overflow explains why and provides a possible solution:

The Random Number generator needs to get to a certain state of entropy before it will “work”. This is from the archlinux wiki for rng-tools (the “solution” in the above SO post):

@TrystanLea, @glyn.hudson Is rng-tools included on the latest (or previous) SD images? If not, perhaps it should be?

TrystanLea · 15 January 2019 08:46

Thanks @Greebo, checked here and it is not installed. Will make a note to include it and review with @glyn.hudson how it could be added as part of the emonSD update process.

sudo apt-get install rng-tools

pb66 · 15 January 2019 11:41

Good call!

It escapes me why this is not included in the Raspbian images by default. I’ve done some reading on this topic this morning (so I am by no means an expert) and it seems that all Pi’s have a hardware RNG (random number generator) but it is not actually used unless you install the rng-tools package.

Although I have never experienced the issue raised here, I use SSH a lot and apparently, the existing (non-hw) method of gathering entropy is very slow and on Linux insufficient entropy is non-blocking, it just means keys are created at boot with a low amount of entropy, ie the security is lower as the generated keys are less random.

There is a test for the speed, here is 2 tests on a Pi3 with the installation of rng-tools in between

pi@raspberrypi:~ $ dd if=/dev/random of=/dev/null bs=1024 count=1 iflag=fullblock
1+0 records in
1+0 records out
1024 bytes (1.0 kB, 1.0 KiB) copied, 1125.72 s, 0.0 kB/s
pi@raspberrypi:~ $ sudo apt-get install rng-tools
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
  rng-tools
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 48.7 kB of archives.
After this operation, 160 kB of additional disk space will be used.
Get:1 http://raspbian.mirror.uk.sargasso.net/raspbian stretch/main armhf rng-tools armhf 2-unofficial-mt.14-1 [48.7 kB]
Fetched 48.7 kB in 0s (80.5 kB/s)
Selecting previously unselected package rng-tools.
(Reading database ... 80765 files and directories currently installed.)
Preparing to unpack .../rng-tools_2-unofficial-mt.14-1_armhf.deb ...
Unpacking rng-tools (2-unofficial-mt.14-1) ...
Setting up rng-tools (2-unofficial-mt.14-1) ...
Processing triggers for systemd (232-25+deb9u7) ...
Processing triggers for man-db (2.7.6.1-2) ...
pi@raspberrypi:~ $ dd if=/dev/random of=/dev/null bs=1024 count=1 iflag=fullblock
1+0 records in
1+0 records out
1024 bytes (1.0 kB, 1.0 KiB) copied, 0.00347737 s, 294 kB/s
pi@raspberrypi:~ $

1125.72 secs reduced to 0.00347737 secs, this means all keys etc would be generated with the full quota of entropy, increasing “randomness” and thus improving security.

Given it is just a 47kB package and the Raspberry Pi’s are not the most powerful machines out there, one has to wonder why it’s not included every Raspbian image.

Until I know better I’ll be adding this to my existing setups and to my standard image setup script so all my future images get it automatically. Thanks @Greebo.

glyn.hudson · 15 January 2019 15:26

I’ve added rng-tools to be installed as part of emonPi update. All new emonPi/emonBase shipped will include this package.

Thanks

dehusky · 28 March 2019 00:07

Hi, my emonpi has been running nicely for over three years now, it only goes wrong when I fiddle. Then last week I had to power it down to decorate and when I turned it back on it refused to upload anything to emoncms.org
I updated all and eventually created a new emonpi card and started fresh with fully up to date install, again all set up and ran locally fine but no uploads. emoncms.log showed the same error as above, installing rng-tools as above worked, has it been dropped from the latest updates? I’m wondering if a recent update hasn’t taken effect until I unplugged?
All is good now, so thanks for all your hard work