I was just hit by another case of "no entropy in xen kernels". I filed a bugreport against openswan for this: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=209395 Xen kernels really need to obtain better entropy. Either some entropy gathering daemon that takes its input from the dom0 should be added to the xenguest-install, or the xen kernel should be modified so it can somehow obtain entropy from the dom0 through some kernel mechanism. To see the difference: run on dom0: hexdump -C /dev/random After you empty /dev/random, you''ll see a new line of random every few seconds. break hexdump, and do some entropy gathering, for example by running the following command for 20 seconds: "find -type f / | xargs grep SFDSFGHSFSDFGDFHGFHS" Now boot the xen run hexdump there. Paul