Re: [systemd-devel] Delaying (SSH) key generation until the urandom pool is initialized

2014-04-30 Thread Florian Weimer
On 04/29/2014 09:30 PM, Tom Gundersen wrote: You can easily start the sockets early, but make the daemon itself wait for the key generation to finish. Thanks. Can you provide an example? (I don't want to change the daemon code.) The only thing you then have to make sure is that the key gen

Re: [systemd-devel] Disable timers

2014-04-30 Thread Marcin Kocur
On 30.04.2014 01:39, David Timothy Strauss wrote: systemctl disable or systemctl mask. You also have to stop it first, as that only changes the default. systemctl mask, disable doesn't seem to work. Thanks! -- Greetings Marcin Kocur █ Contact details: http:/

Re: [systemd-devel] Delaying (SSH) key generation until the urandom pool is initialized

2014-04-30 Thread Tom Gundersen
On 30 Apr 2014 09:21, "Florian Weimer" wrote: > > On 04/29/2014 09:30 PM, Tom Gundersen wrote: > >> You can easily start the sockets early, but make the daemon itself >> wait for the key generation to finish. > > > Thanks. Can you provide an example? I guess the last three files here would have

Re: [systemd-devel] Delaying (SSH) key generation until the urandom pool is initialized

2014-04-30 Thread Kirill Elagin
On Apr 30, 2014 12:23 PM, "Tom Gundersen" wrote: > > > On 30 Apr 2014 09:21, "Florian Weimer" wrote: > > I don't know if we can change /dev/urandom to block because that doesn't look very backwards-compatible to me. > > I have seen Ted Ts'o write about wanting this, but I don't know much more. Al

Re: [systemd-devel] Delaying (SSH) key generation until the urandom pool is initialized

2014-04-30 Thread Thomas Bächler
On 30.04.2014 10:23, Tom Gundersen wrote: >> On 04/29/2014 09:30 PM, Tom Gundersen wrote: >> >>> You can easily start the sockets early, but make the daemon itself >>> wait for the key generation to finish. >> >> >> Thanks. Can you provide an example? > > I guess the last three files here would

Re: [systemd-devel] How to spin down a disc with systemd?

2014-04-30 Thread Lennart Poettering
On Wed, 30.04.14 01:02, Marcin Kocur (marcin2...@gmail.com) wrote: > Hello all, > > I wrote a service /etc/systemd/system/disable-2nd-hdd.service. I > have 2 HDD's where one of them doesn't need to work all the time. So > I thought it'd be cool to shut it down after 30 minutes of > inactivity (th

Re: [systemd-devel] Disable timers

2014-04-30 Thread Lennart Poettering
On Wed, 30.04.14 01:26, Marcin Kocur (marcin2...@gmail.com) wrote: > Hello again, > > I have another question. How I can disable a timer installed by > system vendor? I tried creating an empty service.d/service.conf file > and systemctl disable service.timer and systemctl disable > service.servic

Re: [systemd-devel] Delaying (SSH) key generation until the urandom pool is initialized

2014-04-30 Thread Lennart Poettering
On Tue, 29.04.14 20:43, Florian Weimer (fwei...@redhat.com) wrote: > The message at > > contains two boot traces from virtual machines which show that the > SSH key is generated before the kernel pool is sufficiently seeded

Re: [systemd-devel] Delaying (SSH) key generation until the urandom pool is initialized

2014-04-30 Thread Daniel P. Berrange
On Tue, Apr 29, 2014 at 08:43:38PM +0200, Florian Weimer wrote: > The message at > > contains two boot traces from virtual machines which show that the > SSH key is generated before the kernel pool is sufficiently seeded. I

Re: [systemd-devel] Delaying (SSH) key generation until the urandom pool is initialized

2014-04-30 Thread Tom Gundersen
On Wed, Apr 30, 2014 at 1:08 PM, Lennart Poettering wrote: > On Tue, 29.04.14 20:43, Florian Weimer (fwei...@redhat.com) wrote: > >> The message at >> >> contains two boot traces from virtual machines which show that the >>

Re: [systemd-devel] Delaying (SSH) key generation until the urandom pool is initialized

2014-04-30 Thread Florian Weimer
On 04/30/2014 01:08 PM, Lennart Poettering wrote: On Tue, 29.04.14 20:43, Florian Weimer (fwei...@redhat.com) wrote: The message at contains two boot traces from virtual machines which show that the SSH key is generated

Re: [systemd-devel] Delaying (SSH) key generation until the urandom pool is initialized

2014-04-30 Thread Florian Weimer
On 04/30/2014 01:14 PM, Daniel P. Berrange wrote: On Tue, Apr 29, 2014 at 08:43:38PM +0200, Florian Weimer wrote: The message at contains two boot traces from virtual machines which show that the SSH key is generated befo

Re: [systemd-devel] Delaying (SSH) key generation until the urandom pool is initialized

2014-04-30 Thread Daniel P. Berrange
On Wed, Apr 30, 2014 at 02:10:56PM +0200, Florian Weimer wrote: > On 04/30/2014 01:14 PM, Daniel P. Berrange wrote: > >On Tue, Apr 29, 2014 at 08:43:38PM +0200, Florian Weimer wrote: > >>The message at > >> > >>contains two b

Re: [systemd-devel] Delaying (SSH) key generation until the urandom pool is initialized

2014-04-30 Thread Florian Weimer
On 04/30/2014 02:28 PM, Daniel P. Berrange wrote: Interesting suggestion. I just used virt-manager to create the VM. I don't see any trace for "rng" or "random" in the domain XML file. If it is supported, I think it should be enabled by default. I'm told that it isn't turned on by default, bu

[systemd-devel] [PATCH] man: update journald rate limit defaults

2014-04-30 Thread Mantas Mikulėnas
--- man/journald.conf.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/man/journald.conf.xml b/man/journald.conf.xml index 239a2ec..5cd09a2 100644 --- a/man/journald.conf.xml +++ b/man/journald.conf.xml @@ -190,8 +190,8 @@ limiting is app
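
Review bot: the patch has no commit message body, since the `---` and diffstat follow the subject directly, so nothing states the old and new rate limit defaults or where the new values come from. For the two changed lines in the hunk at line 190 of man/journald.conf.xml, add a short body naming both values and the code defaults they were checked against, so the documentation change can be verified without reading the source.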

Re: [systemd-devel] How to spin down a disc with systemd?

2014-04-30 Thread poma
On 30.04.2014 13:02, Lennart Poettering wrote: > On Wed, 30.04.14 01:02, Marcin Kocur (marcin2...@gmail.com) wrote: > >> Hello all, >> >> I wrote a service /etc/systemd/system/disable-2nd-hdd.service. I >> have 2 HDD's where one of them doesn't need to work all the time. So >> I thought it'd be co

Re: [systemd-devel] Delaying (SSH) key generation until the urandom pool is initialized

2014-04-30 Thread Leonid Isaev
Hi Florian, Let me see if I understand you... First, where did you get the logs from: syslog or journald? On Wed, 30 Apr 2014 14:02:11 +0200 Florian Weimer wrote: > [...] > > Using /dev/urandom for key generation is fine once its pool is seeded. Are you concerned that the PRNG is not

[systemd-devel] Blog on running systemd within a docker container.

2014-04-30 Thread Daniel J Walsh
http://rhatdan.wordpress.com/2014/04/30/running-systemd-within-a-docker-container/

[systemd-devel] unlocking encrypted hard disk two factor authentication (password and Yubikey)

2014-04-30 Thread Christian Hesse
Hello everybody, for encrypted hard disks systemd asks via password agent [0] request for a key to unlock the device. I coded a little program that can answer the request with information received from a Yubikey [1] in challenge/response HMAC-SHA1 mode: 1. systemd asks for password 2. Yubikey is