actions / runner-images

GitHub Actions runner images

Not enough entropy on Ubuntu VMs #672

Closed dtitov closed 4 years ago

dtitov commented 4 years ago

Describe the bug

I have discovered that your Ubuntu VMs suffer from this issue: https://serverfault.com/questions/214605/gpg-does-not-have-enough-entropy

I have a cryptographic library and when I run a GitHub Actions pipeline on Ubuntu, the build hangs forever, because the library can’t generate encryption keys due to the issue above (FYI: macOS VMs are not affected by this).

I have applied a workaround by installing and running rng-tools on the VM (as per suggestion from the link above). But it would be nice if you could fix this issue on your side.

I also realize that security-wise, using /dev/urandom as a source of entropy is discouraged. However, I believe that it's important only for production use and it's completely fine for the testing environment, which GitHub Actions is. Also, maybe you would be able to come up with a better solution, because, again - this is just a workaround.


Expected behavior

The build of https://github.com/uio-bmi/crypt4gh runs normally without installing rng-tools or performing any other additional manipulation.

Actual behavior

The build of https://github.com/uio-bmi/crypt4gh hangs forever if rng-tools are not installed.

al-cheb commented 4 years ago

Hello, @dtitov. I am planning to add the haveged package on Ubuntu images. Could you please validate your build with the installed package: sudo apt-get install haveged?

dtitov commented 4 years ago

Hi, @al-cheb,

I tried it and it worked: https://github.com/uio-bmi/crypt4gh/runs/564321973?check_suite_focus=true 👍

al-cheb commented 4 years ago

Hello, @dtitov. We have pre-installed haveged on Ubuntu images: https://github.com/actions/virtual-environments/blob/releases/ubuntu18/20200430/images/linux/Ubuntu1804-README.md

Feel free to open the thread if you have any concerns.
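
A preflight check that a CI job could run before key generation, so that a runner in the state described in this issue fails fast instead of hanging. This is an added example, not code from the thread or from runner-images. The function names and the 256-bit threshold are assumptions.

```python
import os
from pathlib import Path

PROC_RANDOM = Path("/proc/sys/kernel/random")  # Linux-only kernel interface


def read_counter(name, base=PROC_RANDOM):
    """Return an integer kernel counter, or None if it cannot be read."""
    try:
        return int((Path(base) / name).read_text().strip())
    except (OSError, ValueError):
        return None


def blocking_pool_would_block(nbytes=32):
    """Probe the pool behind /dev/random without blocking.

    True: a blocking read of nbytes would stall right now.
    False: nbytes were available. None: the probe is not supported here.
    On Linux 5.6+ GRND_RANDOM is ignored, so this can only report True
    before the kernel CRNG has been initialised.
    """
    rnd, nonblock = getattr(os, "GRND_RANDOM", None), getattr(os, "GRND_NONBLOCK", None)
    if rnd is None or nonblock is None:
        return None
    try:
        return len(os.getrandom(nbytes, rnd | nonblock)) < nbytes
    except BlockingIOError:
        return True
    except OSError:
        return None


def assess(entropy_avail, would_block, min_bits=256):
    """Classify the runner as 'starved', 'low', 'ok' or 'unknown'."""
    if would_block:
        return "starved"  # a library reading /dev/random will hang
    if entropy_avail is None:
        return "ok" if would_block is False else "unknown"
    return "ok" if entropy_avail >= min_bits else "low"  # min_bits is an assumed threshold


if __name__ == "__main__":
    avail = read_counter("entropy_avail")  # read first: the probe itself draws from the pool
    verdict = assess(avail, blocking_pool_would_block())
    print(f"entropy_avail={avail} verdict={verdict}")
    raise SystemExit(1 if verdict == "starved" else 0)
```

Run as a workflow step ahead of the tests, a non-zero exit marks a runner where an entropy daemon such as haveged or rng-tools is missing or not running.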