03:45 <teto> johnny101: I think in my case it's because the sshd service doesn't have enough entropy to use ssh-keygen ? hence it times out ? I've checked my config but it seems every virtio feature is enabled in the guest (CONFIG_HW_RANDOM_VIRTIO) so maybe I need to just increase the timeout, not sure

05:08 <clever> teto: after CONFIG_HW_RANDOM_VIRTIO you still need to use that hwrng device

05:08 <clever> https://github.com/cleverca22/not-os/blob/master/runit.nix#L62-L66

05:09 <clever> https://github.com/cleverca22/not-os/blob/d55aa5ca2d3795d7151ac8a4099c79bf506a2aa4/qemu.nix#L4

05:09 <clever> teto: you shouldnt need any kernel config flags, just `modprobe virtio_rng` to create `/dev/hwrng` then run `rngd -r /dev/hwrng` to transfer entropy from the hw generator to the kernel

05:13 <teto> clever: interesting. I wonder how to best plug the rngd command in my nixops config. I believe system.activationScripts are run before any systemd service. could that be a solution ?

05:13 <clever> teto: just make a systemd service, and flag sshd as depending on rngd

05:13 <clever> or dont bother, since sshd will just hang until enough entropy is available, and systemd will start both rngd and sshd at the same time

05:13 <clever> and then rngd will feed sshd, and un-hang it

05:14 <teto> sounds good

05:14 <teto> is 'clever' an humble alias for 'god' ;) ?

05:14 <clever> :D

06:58 <teto> https://lwn.net/Articles/799249/#Comments I wonder if the lack of entropy is due to me now using to virtio

10:54 <teto> once I looked into some issue with my service, I found out there was already security.rngd.enable option in nixpkgs xD

10:55 <teto> and qemu-guest.nix disables rngd :s

11:22 <teto> clever: ok finally managed to make it work \o/

11:22 <teto> it fixes the problem