[Csync2] generating key takes really long time
George H
george.dma at gmail.com
Wed Feb 6 12:39:48 CET 2008
On 2/6/08, Clifford Wolf <clifford at clifford.at> wrote:
> Hi,
>
> On Wed, Feb 06, 2008 at 05:46:21AM -0500, George H wrote:
> > I got a weird problem, I have csync2 installed on an IBM Blade server
> > runing kernel 2.6.23.
> > when I run "csync2 -k /etc/mykey" it just takes forever to complete.
> > In fact it never completes, I have to CTRL+C to get out and when I
> > cat the file it is half done.
> >
> > When I do teh same thing on a regular linux pc with the same kernel..
> > it generates the key in less than a second. So I try to use that
> > generated key from the PC onto my blade.. but I get identification
> > errors.
>
> Key generation uses /dev/random to acquire some random bytes. the random
> data in /dev/random is generated from the kernel using thing like keyboard
> and harddisks interrupts, because they can't be predicted by monitoring the
> network traffic. servers, especially those with no harddisks, often have
> problems with not having enought truly random events the kernel could use
> to generate the key.
>
> Easiest solution: Generate the key on a trustworthy machine where key
> generation works fine, then transfer it to the server using a secure
> channel (such as scp) and remove the key file on the machine where you
> generated it afterwards..
OK, so I take it I have to use the same .csr .pem files on the other
"trustworthy" machine when generating the key.
> yours,
> - clifford
>
> --
> Hardware /nm./: the part of the computer that you can kick.
>
More information about the Csync2
mailing list