When I log in, it hangs until crng init done

Looks like some component of your system blocks while trying to obtain random data from the kernel (i. e. reading from /dev/urandom or calling getrandom()) due to insufficient entropy (randomness) available.

I do not have a ready explanation for why the problem depends on a particular kernel version, or which component on your system actually blocks, but regardless of the root cause,

Indeed, as pointed out by Bigon in his answer, it appears to be a kernel bug introduced in 4.16:

This bug is introduced by the "crng_init > 0" to "crng_init > 1" change in this commit: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=43838a23a05fbd13e47d750d3dfd77001536dd33

This change inadvertently impacts urandom_read, causing the crng_init==1 state to be treated as uninitialized and causing urandom to block, despite this state existing specifically to support non-cryptographic needs at boot time: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/char/random.c#n1863

Reverting 43838a23a05f ("random: fix crng_ready() test") fixes the bug (tested with 4.16.5-1), but this may cause security concerns (CVE-2018-1108 is mentioned in 43838a23a05f). I am testing a more localised fix that should be more palatable to upstream.

(https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897572#82)

...Still, you may try using haveged or rng-tools to gather entropy faster.

It's a change (bug?) in the kernel, see: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897572

To mitigate that installing rng-tools5 seems to help. Note that I don't know whether installing this package has an impact or not on strong cryptography key generation

Edit: Apparently updating util-linux 2.32 should fix the issue

It's a kernel bug that can happen with different kernels.

Running apt-get install rng-tools as su in the terminal should work.