[CentOS] Low random entropy
Robert Moskowitz
rgm at htt-consult.com
Sun May 28 03:32:22 UTC 2017
On 05/26/2017 08:35 PM, Leon Fauster wrote:
>> Am 27.05.2017 um 01:09 schrieb Robert Moskowitz <rgm at htt-consult.com>:
>>
>> I am use to low random entropy on my arm boards, not an intel.
>>
>> On my Lenovo x120e,
>>
>> cat /proc/sys/kernel/random/entropy_avail
>>
>> reports 3190 bits of entropy.
>>
>> On my armv7 with Centos7 I would get 130 unless I installed rng-tools and then I get ~1300. SSH into one and it drops back to 30! for a few minutes. Sigh.
>>
>> Anyway on my new Zotac nano ad12 with an AMD E-1800 duo core, I am seeing 180.
>>
>> I installed rng-tools and no change. Does anyone here know how to improve the random entropy?
>
> http://issihosts.com/haveged/
>
> EPEL: yum install haveged
WOW!!!
installed, enabled, and started.
Entropy jumped from ~130 bits to ~2000 bits
thanks
Note to anyone running a web server, or creating certs. You need
entropy. Without it your keys are weak and attackable. Probably even
known already.
More information about the CentOS
mailing list