15:59 <hannes> morning

16:02 <def`> morning :P

16:25 <dinosaure> morning :)

16:45 <reynir> Hmm, shouldn't mirage handle seeding the mirage-crypto RNG? I get Fatal error: exception Mirage_crypto_rng__Boot.Unseeded_generator

16:46 <hannes> reynir: it does. which mirage version do you use? do you depend on the Random device?

16:46 <hannes> or, rephrased: if you don't depend on the Random device (Mirage_random.S), you won't get a seed.

16:47 <hannes> (earlier, there used to be a way "~deps:[abstract nocrypto]", but this is no longer around)

16:49 <chou> heh. that sounds familiar, yes.

16:49 <chou> mirage-ssh-agent/config.ml: foreign ~packages ~deps:[abstract nocrypto]

16:49 <reynir> Okay, I see. I thought it was handled automagically.

16:52 <hannes> I guess this could be better documented indeed. I also wonder how to improve this -- since you may use mirage-crypto-rng directly (or via mirage-crypto-pk) without using a Random device in your unikernel (this sounds like your ssh-agent) -- maybe mirage should look for mirage-crypto-rng/mirage-crypto-pk uses as it did earlier for nocrypto? another solution would be to make this more explicit - but this

16:53 <hannes> would be rather cumbersome for the non-mirage users (+ mirage users)

16:53 <hannes> I'll try to think about this issue in the future, right now I think the behaviour is fine-ish (plus it fails hard, which is preferable over soft failurss)

16:54 <chou> perhaps just have the error point a dev in the right direction?

16:54 <hannes> usually, as soon as you use tcp/ip you'll get the random device dependency -> a seeded RNG (not for the unix socket stack though)

16:55 <hannes> chou: this "unseeded generator" error is not mirage-dependent, though maybe a link to https://mirage.github.io/mirage-crypto/doc/mirage-crypto-rng/Mirage_crypto_rng/index.html#usage-notes (which should be rephrased to reflect how to get it initialized on MirageOS) would be useful?

22:41 <chou> reynir: hm. fresh build against master. ssh-add fails in a weird way now. Could not add identity "/home/user/.ssh/id_rsa": communication with agent failed

22:42 <chou> reynir: ssh-add -l works, so basic setup seems fine.

22:42 <chou> reynir: it "feels" like the connection is closed while i type my passphrase, but agent is not logging that. :/

22:43 <chou> reynir: if i create a key without passphrase, adding works.

22:45 <chou> reynir: and i amvery sure i am not running into a client-side timeout for the socket, it seems to be rotting agent-side.

22:49 <chou> oh, interesting. it may not be an issue with timing, but it seems to not like that particular key, even if i remove its passphrase.

22:54 <chou> doesnt seem to be key length, a newly generated key of the same size works too.

22:55 <chou> running low on ideas now.

23:02 <chou> reynir: strace on the ssh-add says it writes the size + the key, but the read for the size of the response (?) returns empty.