From: Leo Famulari
Subject: Re: 'guix system vm' questions
Date: Wed, 29 Jun 2016 11:48:42 -0400
Message-ID: <20160629154842.GA26047@jasmine>
To: "Thompson, David"
Cc: myglc2, help-guix

On Wed, Jun 29, 2016 at 10:10:35AM -0400, Thompson, David wrote:
> On Wed, Jun 29, 2016 at 2:57 AM, myglc2 wrote:
> > I have a headless server running Guix/Debian 8.3 on which I would like
> > to run some guix vms. So far, I have a script (see mkvm.sh, attached)
> > that runs a single vm. It has some issues:
> >
> > 1) lsh-service hangs waiting for keystrokes on the QEMU console
>
> LSH needs to be initialized with a key on first boot, which is why you
> need to type to create entropy. This sucks for automation, so I would
> recommend OpenSSH instead, but we don't have an openssh-service yet.

In your operating system configuration, you can pass 'initialize? #f' to lsh-service to skip the SSH seed and host-key initialization. You will need to initialize the LSH service later, before you can use it.

How does OpenSSH get entropy without blocking on first boot?
Before shipping an openssh-service, we should make sure that OpenSSH doesn't assume that /dev/urandom is safe to use; my understanding is that it isn't safe immediately after first boot. We should look into QEMU's VirtIO RNG, which could help here: http://wiki.qemu-project.org/Features-Done/VirtIORNG
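
Added example, not part of the original message or of Guix: a guest-side shell check for whether a hardware RNG such as QEMU's VirtIO RNG is attached before SSH host keys are generated on first boot. The function name `rng_status`, the 256-bit threshold and the file name `config.scm` are assumptions made for illustration; the sysfs and procfs paths are the standard Linux ones.

```shell
#!/bin/sh
# Added example (not from the original message): report whether the guest
# has a hardware RNG (for example QEMU's virtio-rng) or, failing that,
# whether the kernel's entropy estimate has reached a chosen minimum.

# Host side, for reference. The script built by 'guix system vm' passes
# extra arguments through to QEMU (config.scm is a placeholder name):
#   $(guix system vm config.scm) \
#       -object rng-random,filename=/dev/urandom,id=rng0 \
#       -device virtio-rng-pci,rng=rng0

# rng_status [SYSFS_DIR] [ENTROPY_FILE] [MIN_BITS]
# Prints "hwrng:<name>", "pool-ok" or "starved".
# Returns 0 when a hardware RNG is attached or the pool estimate is at
# least MIN_BITS, and 1 otherwise. This is a heuristic gate, not a proof
# that the kernel CSPRNG is fully seeded.
rng_status() {
    hw_dir=${1:-/sys/devices/virtual/misc/hw_random}
    ent_file=${2:-/proc/sys/kernel/random/entropy_avail}
    min_bits=${3:-256}   # assumed threshold

    # rng_current names the active hardware RNG; it reads "none" or is
    # empty when no device is bound.
    current=none
    if [ -r "$hw_dir/rng_current" ]; then
        current=$(cat "$hw_dir/rng_current")
    fi
    case $current in
        ''|none) ;;
        *) echo "hwrng:$current"; return 0 ;;
    esac

    # No hardware RNG: fall back to the kernel's entropy estimate.
    avail=0
    if [ -r "$ent_file" ]; then
        avail=$(cat "$ent_file")
    fi
    if [ "$avail" -ge "$min_bits" ]; then
        echo "pool-ok"; return 0
    fi
    echo "starved"; return 1
}

# Usage in a first-boot script: rng_status || echo "deferring host-key generation" >&2
```

A non-zero return is the case the thread is worried about: a freshly booted VM with no RNG device and a nearly empty pool.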