Symptoms
Affected computers show long delays during boot, especially in applications that need randomness for initialization. This includes openssh, so a machine can appear dead after a Stretch-to-Buster upgrade.
If you're sitting in front of a machine that might be suffering from this problem then you may be able to speed up its recovery by jiggling the mouse. If it's a remote system, ping a network interface.
Underlying Problem
Linux is being stricter about getting urandom initialized with properly random randomness, and systemd... well, let's just say it isn't helping. As a result the system has to slowly collect entropy from other sources.
Solutions
for amd64 CPU architectures: use a recent kernel with CONFIG_RANDOM_TRUST_CPU set (less recent kernels (what's "less recent" exactly?) may need random.trust_cpu=on added to the kernel command line). The CPU also needs to support the RDRAND instruction.
- the following command shows whether your currently running kernel has CONFIG_RANDOM_TRUST_CPU set and whether your CPU supports the RDRAND instruction:
grep '^CONFIG_RANDOM_TRUST_CPU=y' "/boot/config-$(uname -r)" && grep -m 1 -w rdrand /proc/cpuinfo && echo "your system looks fine"
machines with a Trusted Platform Module can use rng_core.default_quality=1000
for KVM/QEMU VMs: see Daniel Lange's summary for the required invocation to pass randomness from the host via virtio_rng
- other (unverified) sources suggest a domain configuration with
<rng model="virtio"><backend model="random">/dev/urandom</backend></rng>
- for other VMs (VMware, others that don't provide access to a virtio RNG) some other solution is needed, such as...
hardware entropy sources such as chaoskey
see also Entropy, or Thorsten Glaser's early-rng-init-tools
a fallback that makes experts hold their noses: apt install haveged (citation needed)
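The amd64 check from the first solution, as an added example that is not part of the original page: it also takes the kernel command line into account and does not mistake "# CONFIG_RANDOM_TRUST_CPU is not set" for an enabled option. The function name and verdict strings are made up for this example; random.trust_cpu=off is not mentioned on this page and is the kernel's documented counterpart to =on.

```shell
#!/bin/sh
# Added example: will this kernel credit RDRAND output at boot?
# trust_cpu_status is a hypothetical helper name. Arguments are file
# paths, so the check also works on copies saved from another machine.
trust_cpu_status() {
    config=$1 cmdline=$2 cpuinfo=$3

    # Match rdrand as a whole word on the CPU flags line.
    if ! grep -m 1 '^flags' "$cpuinfo" | grep -qw rdrand; then
        echo "no-rdrand"
        return 0
    fi

    # An explicit command-line setting overrides the build-time default.
    # If the parameter is given more than once, the last one counts.
    override=$(tr ' ' '\n' < "$cmdline" | grep '^random\.trust_cpu=' | tail -n 1)
    case ${override#random.trust_cpu=} in
        on)  echo "trusted-by-cmdline";  return 0 ;;
        off) echo "disabled-by-cmdline"; return 0 ;;
    esac

    # Anchor the match and require =y, because a disabled option still
    # appears in the config file as a comment containing its name.
    if grep -q '^CONFIG_RANDOM_TRUST_CPU=y' "$config"; then
        echo "trusted-by-config"
    else
        echo "not-trusted"
    fi
}

# On a live host:
#   trust_cpu_status "/boot/config-$(uname -r)" /proc/cmdline /proc/cpuinfo
```

A result of not-trusted or no-rdrand means one of the other solutions in the list is needed.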
Links
https://daniel-lange.com/archives/152-hello-buster.html
debian-devel thread: https://lists.debian.org/debian-devel/2018/12/msg00184.html, https://lists.debian.org/debian-devel/2019/01/msg00079.html
bug #912087 (bug #912616) bug #916690 bug #923675
Keywords
boot-time delay, crng, hang, getrandom, randomness, systemd