Getrandom() initialization failed

(Ian Rogers) #1

Any ideas on the cause of this

I have just updated my SD card to 30Oct18 and I am experiencing the same issue on reboot.

WARNING emoncms-org emoncms-org couldn’t send to server, URLError: getrandom() initialization failed. (_ssl.c:661) 2019-01-15 00:25:12,511 WARNING emoncms-org send failure: wanted ‘ok’ but got ‘’

As soon as I manually restart emonhub it is fine.



Can't connect to local emoncms
(Sam) #2

No root cause fix I am aware of. I have to restart emonhub whenever emonpi is rebooted to get data to log to emoncms.

(Greebo) #3

Looks like a problem with random number generation (getrandom() initialization failed)

This post from stack overflow explains why and provides a possible solution:

The Random Number generator needs to get to a certain state of entropy before it will “work”. This is from the archlinux wiki for rng-tools (the “solution” in the above SO post):

@TrystanLea, @glyn.hudson Is rng-tools included on the latest (or previous) SD images? If not, perhaps it should be?

(Trystan Lea) #4

Thanks @Greebo, checked here and it is not installed. Will make a note to include it and review with @glyn.hudson how it could be added as part of the emonSD update process.

sudo apt-get install rng-tools

(Paul) #5

Good call!

It escapes me why this is not included in the Raspbian images by default. I’ve done some reading on this topic this morning (so I am by no means an expert) and it seems that all Pi’s have a hardware RNG (random number generator) but it is not actually used unless you install the rng-tools package.

Although I have never experienced the issue raised here, I use SSH a lot and apparently, the existing (non-hw) method of gathering entropy is very slow and on Linux insufficient entropy is non-blocking, it just means keys are created at boot with a low amount of entropy, ie the security is lower as the generated keys are less random.

There is a test for the speed, here is 2 tests on a Pi3 with the installation of rng-tools in between

[email protected]:~ $ dd if=/dev/random of=/dev/null bs=1024 count=1 iflag=fullblock
1+0 records in
1+0 records out
1024 bytes (1.0 kB, 1.0 KiB) copied, 1125.72 s, 0.0 kB/s
[email protected]:~ $ sudo apt-get install rng-tools
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 48.7 kB of archives.
After this operation, 160 kB of additional disk space will be used.
Get:1 stretch/main armhf rng-tools armhf 2-unofficial-mt.14-1 [48.7 kB]
Fetched 48.7 kB in 0s (80.5 kB/s)
Selecting previously unselected package rng-tools.
(Reading database ... 80765 files and directories currently installed.)
Preparing to unpack .../rng-tools_2-unofficial-mt.14-1_armhf.deb ...
Unpacking rng-tools (2-unofficial-mt.14-1) ...
Setting up rng-tools (2-unofficial-mt.14-1) ...
Processing triggers for systemd (232-25+deb9u7) ...
Processing triggers for man-db ( ...
[email protected]:~ $ dd if=/dev/random of=/dev/null bs=1024 count=1 iflag=fullblock
1+0 records in
1+0 records out
1024 bytes (1.0 kB, 1.0 KiB) copied, 0.00347737 s, 294 kB/s
[email protected]:~ $

1125.72 secs reduced to 0.00347737 secs, this means all keys etc would be generated with the full quota of entropy, increasing “randomness” and thus improving security.

Given it is just a 47kB package and the Raspberry Pi’s are not the most powerful machines out there, one has to wonder why it’s not included every Raspbian image.

Until I know better I’ll be adding this to my existing setups and to my standard image setup script so all my future images get it automatically. Thanks @Greebo.

(Glyn Hudson) #6

I’ve added rng-tools to be installed as part of emonPi update. All new emonPi/emonBase shipped will include this package.