On 05/27/2017 08:32 PM, Robert Moskowitz wrote: > > > On 05/26/2017 08:35 PM, Leon Fauster wrote: >>> Am 27.05.2017 um 01:09 schrieb Robert Moskowitz <rgm at htt-consult.com>: >>> >>> I am use to low random entropy on my arm boards, not an intel. >>> >>> On my Lenovo x120e, >>> >>> cat /proc/sys/kernel/random/entropy_avail >>> >>> reports 3190 bits of entropy. >>> >>> On my armv7 with Centos7 I would get 130 unless I installed rng-tools >>> and then I get ~1300. SSH into one and it drops back to 30! for a >>> few minutes. Sigh. >>> >>> Anyway on my new Zotac nano ad12 with an AMD E-1800 duo core, I am >>> seeing 180. >>> >>> I installed rng-tools and no change. Does anyone here know how to >>> improve the random entropy? >> >> http://issihosts.com/haveged/ >> >> EPEL: yum install haveged > > WOW!!! > > installed, enabled, and started. > > Entropy jumped from ~130 bits to ~2000 bits > > thanks > > Note to anyone running a web server, or creating certs. You need > entropy. Without it your keys are weak and attackable. Probably even > known already. > Indeed. Installing haveged is the first thing I do when setting up a new CentOS 7 machine. Rebooting and verifying it starts on boot is the second.