CTX202109
2015-09-18
2005-06-06
A desktop session started from some Linux systems might be delayed or fail unless you move the mouse around or press keys several times.

Symptoms or Error

A desktop session started from some Linux systems might be delayed or fail unless you move the mouse around or press keys several times.

Users may see error messages such as “Couldn’t read from random dev, and no entropy store, aborting”

Background

On some endpoint devices with Citrix Receiver for Linux installed, if you click the desktop icon but do not move the mouse or press any keys afterwards, you might see a transient window showing the ICA file being downloaded, but the desktop does not start right away. In some cases it starts after 1-2 minutes; in others it fails to start at all. However, if you move the mouse around or press keys several times, the desktop might start instantly.

Entropy is the randomness collected by an operating system or application for use in cryptography or other uses that require random data. This randomness is often collected from hardware sources, either pre-existing ones such as mouse movements or specially provided randomness generators. In some Linux systems, the available entropy might not be enough. Establishing an encrypted HDX/ICA session consumes some entropy before it can proceed. If there is not enough entropy, the system needs some mouse movements or keystrokes to generate enough random numbers to refill the entropy pool.

Over the years, Linux systems have become more stringent about generating truly random data rather than falling back to pseudo-random number generation. The entropy/random number generation is used for secure SSL and similar.

Reporting Issues

Citrix Linux Receiver relies on the Linux OS to provide the entropy for SecureICA and SSL technologies, and as such this is not considered a fault with the Linux Receiver.

Customers with this issue should report it to the Linux OS vendor and/or the Linux thin-client vendor supplying Citrix Linux Receiver within their image.

OS and Linux thin-client OEMs are advised to explore using a random number generator daemon if their /dev/random device cannot be configured through other means to provide the necessary entropy. This is not a new Linux platform issue and is seen from time to time on some devices running Linux.


Solution

To check the available entropy, type the following command at a shell prompt:

# watch "cat /proc/sys/kernel/random/entropy_avail"

If this entropy number shows around 100, you are likely to face the issue. Leave this window open and start the desktop; you may find that the available entropy number decreases to a single digit or even 0, and the session does not start. However, if you move the mouse around or press keys for a while, the entropy number will gradually increase to double or triple digits, and the session start will succeed.
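
An added example (not part of the original Citrix article): the script below samples the same entropy_avail file over a launch and reports the lowest value seen, which is easier to capture in a support ticket than a watch window. The two thresholds are assumptions read off the figures quoted above, and the function names are made up for this example.

```shell
#!/bin/sh
# Added example: record the lowest kernel entropy estimate seen during a launch.
# The path is the one given in the article; both thresholds are assumptions
# derived from its figures ("around 100" is at risk, single digits do not start).
ENTROPY_FILE="${ENTROPY_FILE:-/proc/sys/kernel/random/entropy_avail}"
LOW_WATER=128   # assumption: at or below this the launch may be delayed
STALLED=10      # assumption: single digits, where the session does not start

# classify_entropy VALUE -> prints stalled | at-risk | ok | invalid
classify_entropy() {
    case "$1" in
        ''|*[!0-9]*) echo invalid; return 2 ;;
    esac
    if [ "$1" -lt "$STALLED" ]; then echo stalled
    elif [ "$1" -le "$LOW_WATER" ]; then echo at-risk
    else echo ok
    fi
}

# min_entropy FILE SAMPLES INTERVAL -> prints the lowest value read from FILE
min_entropy() {
    file=$1; samples=$2; interval=$3; min=""; i=0
    while [ "$i" -lt "$samples" ]; do
        v=$(cat "$file" 2>/dev/null) || return 1
        case "$v" in ''|*[!0-9]*) return 1 ;; esac
        if [ -z "$min" ] || [ "$v" -lt "$min" ]; then min=$v; fi
        i=$((i + 1))
        if [ "$i" -lt "$samples" ]; then sleep "$interval"; fi
    done
    echo "$min"
}

# Stand-alone use: "sh entropy-check.sh --run", then start the desktop.
if [ "${1:-}" = "--run" ]; then
    m=$(min_entropy "$ENTROPY_FILE" 10 1) || {
        echo "cannot read $ENTROPY_FILE" >&2; exit 1; }
    echo "lowest entropy_avail over 10s: $m ($(classify_entropy "$m"))"
fi
```

Run it with --run on the endpoint, start the desktop without touching the mouse or keyboard, and attach the printed line to the vendor report.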

Solutions

Some options are recommended in the Linux Receiver documentation (Citrix Product Documentation - Troubleshoot).

Rng-tools

rng-tools is intended to give access to values produced by a hardware random number generator. Users should be aware that it is possible to configure rng-tools to use either a pseudo-random number generator or a hardware random number generator:

  • /dev/hwrng (a hardware random number generator)

    or

  • /dev/urandom (a pseudo-random number generator)

Citrix recommends only the use of the hardware random number generator (/dev/hwrng). Note that the recommendation to use rngd assumes that it will be used with a good source of random numbers, like a hardware random number generator.

Customers may need to enable a TPM (Trusted Platform Module) or similar on certain hardware.
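
An added example (not from the Citrix article or from rng-tools): a check that reads an rngd command line and reports whether its input device is /dev/hwrng, as recommended above, or /dev/urandom. It relies on rngd's -r / --rng-device input option; the function names and verdict strings are made up for this example.

```shell
#!/bin/sh
# Added example: report which input device an rngd command line names.
# -r / --rng-device is rngd's input-device option; everything else here
# (function names, verdict strings) is illustrative.

# rngd_source "CMDLINE" -> prints the input device, or "default" if none is given
rngd_source() {
    dev=default
    set -f              # no globbing while the command line is word-split
    set -- $1
    set +f
    while [ $# -gt 0 ]; do
        case "$1" in
            -r|--rng-device) if [ $# -ge 2 ]; then dev=$2; fi ;;
            --rng-device=*)  dev=${1#--rng-device=} ;;
            -r?*)            dev=${1#-r} ;;
        esac
        shift
    done
    echo "$dev"
}

# rngd_verdict "CMDLINE" -> hardware | pseudo-random | default | other
rngd_verdict() {
    case "$(rngd_source "$1")" in
        /dev/hwrng)   echo hardware ;;       # the source the article recommends
        /dev/urandom) echo pseudo-random ;;  # the source the article advises against
        default)      echo default ;;        # no -r given: rngd's built-in choice
        *)            echo other ;;          # e.g. a vendor-specific device node
    esac
}

# Stand-alone use: "sh rngd-source.sh --run" audits every running rngd.
if [ "${1:-}" = "--run" ]; then
    pgrep -a rngd | while read -r pid cmd; do
        echo "pid $pid: $(rngd_verdict "$cmd") ($(rngd_source "$cmd"))"
    done
fi
```

A "pseudo-random" verdict on an image means the entropy counter will look healthy while rngd is only recycling the kernel's own output.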

haveged

One software entropy generator is the haveged daemon (from Magic Software), which is available as source code or as a binary package from many Linux distribution repositories. It works by collecting entropy from sources other than the Linux OS kernel.

Install this package and verify the available entropy number is enough (generally it will be around 1000).

Workarounds

Using pseudo-random data

Some use this technique to avoid the delay of waiting for true entropy: the Linux OS is diverted to /dev/urandom rather than /dev/random, so that pseudo-random data is used instead.

SSL relies for its security on generating random keys. The delay comes because /dev/random will wait until enough entropy (randomness) has been collected by the kernel. /dev/urandom will provide random values if they are available or less random values if the collected entropy is low. Citrix does not recommend using pseudo-random entropy as using /dev/urandom reduces security. Whilst for some users on a secure network this may be acceptable, customers should be aware better options exist.


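Special note

This article originates from Citrix.com; copyright in the translation belongs to the translator. Please credit the source when reproducing it.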
