From mboxrd@z Thu Jan  1 00:00:00 1970
From: Leo Famulari <leo@famulari.name>
Subject: Re: 'guix system vm' questions
Date: Wed, 29 Jun 2016 11:48:42 -0400
Message-ID: <20160629154842.GA26047@jasmine>
References: <861t3g7a9p.fsf@gmail.com>
	<CAJ=Rwfbj4oAxpqm0VgzBdW33E_9tCtFQNW+VPO1fUWT4z6DMpw@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Return-path: <help-guix-bounces+gcggh-help-guix=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:33392)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <leo@famulari.name>) id 1bIHjZ-0007eh-C2
	for help-guix@gnu.org; Wed, 29 Jun 2016 11:49:02 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <leo@famulari.name>) id 1bIHjV-0003hR-2S
	for help-guix@gnu.org; Wed, 29 Jun 2016 11:49:00 -0400
Received: from out1-smtp.messagingengine.com ([66.111.4.25]:41702)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <leo@famulari.name>) id 1bIHjT-0003eF-OX
	for help-guix@gnu.org; Wed, 29 Jun 2016 11:48:56 -0400
Content-Disposition: inline
In-Reply-To: <CAJ=Rwfbj4oAxpqm0VgzBdW33E_9tCtFQNW+VPO1fUWT4z6DMpw@mail.gmail.com>
List-Id: <help-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/help-guix>,
	<mailto:help-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/help-guix/>
List-Post: <mailto:help-guix@gnu.org>
List-Help: <mailto:help-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/help-guix>,
	<mailto:help-guix-request@gnu.org?subject=subscribe>
Errors-To: help-guix-bounces+gcggh-help-guix=m.gmane.org@gnu.org
Sender: "Help-Guix" <help-guix-bounces+gcggh-help-guix=m.gmane.org@gnu.org>
To: "Thompson, David" <dthompson2@worcester.edu>
Cc: myglc2 <myglc2@gmail.com>, help-guix <help-guix@gnu.org>

On Wed, Jun 29, 2016 at 10:10:35AM -0400, Thompson, David wrote:
> On Wed, Jun 29, 2016 at 2:57 AM, myglc2 <myglc2@gmail.com> wrote:
> > I have a headless server running Guix/Debian 8.3 on which I would like
> > to run some guix vms. So far, I have a script (see mkvm.sh, attached)
> > that runs a single vm. It has some issues:
> >
> > 1) lsh-service hangs waiting for keystrokes on the QEMU console
> 
> LSH needs to be initialized with a key on first boot, which is why you
> need to type to create entropy.  This sucks for automation, so I would
> recommend OpenSSH instead, but we don't have an openssh-service yet.

In your operating system configuration, you can pass 'initialize? #f' to
lsh-service to skip the SSH seed and host-key initialization. You will
need to initialize the LSH service later, before you can use it.

How does OpenSSH get entropy without blocking on first boot? Before
shipping an openssh-service, we should make sure that OpenSSH doesn't
assume that /dev/urandom is safe to use; my understanding is that it
isn't safe immediately after first boot.

We should look into QEMU's VirtIO RNG, which could help here:
http://wiki.qemu-project.org/Features-Done/VirtIORNG