[{"data":1,"prerenderedAt":313},["ShallowReactive",2],{"Categories":3,"NavIndexCategoriesCountFooter":203,"content-\u002F2008\u002F10\u002F13\u002Fincrease-entropy-on-a-2-6-kernel-linux-box\u002F":204},[4,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,68,70,71,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,139,140,141,142,143,144,145,146,147,148,149,150,151,152,153,154,155,156,157,159,160,161,162,163,164,165,166,167,168,169,170,171,172,173,174,175,176,177,178,179,180,182,183,184,185,186,187,188,189,190,191,192,193,194,195,196,197,198,199,200,201,202],{"category":5},"System Administration",{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":27},"Software Development",{"category":5},{"category":5},{"category":5},{"category":5},{"category":27},{"category":27},{"category":5},{"category":5},{"category":5},{"category":27},{"category":5},{"category":5},{"category":5},{"category":27},{"category":27},{"category":27},{"category":27},{"category":5},{"category":5},{"category":5},{"category":27},{"category":27},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":27},{"category":5},{"category":5},{"category":27},{"category":27},{"category":27},{"category":27},{"category":5},{"category":27},{"category":27},{"category":67},"Drones & RC",{"category":69},"DIY Projects",{"category":67},{"category":72},"Photography",{"category":69},{"category":69},{"category":69},{"category":67},{"category":69},{"category":69},{"category":69},{"category":69},{"category":69},{"category":69},{"category":69},{"category":69},{"category":69},{"category":69},{"category":69},{"category":69},{"category":69},{"category":69},{"category":67},{"category":69},{"category":69},{"category":67},{"category":67},{"category":72},{"category":72},{"category":72},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":5},{"category":5},{"category":72},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":5},{"category":67},{"category":67},{"category":72},{"category":72},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":72},{"category":67},{"category":138},"3D Printing - Laser Cutting - CNC",{"category":138},{"category":138},{"category":138},{"category":138},{"category":138},{"category":138},{"category":138},{"category":138},{"category":138},{"category":138},{"category":138},{"category":5},{"category":138},{"category":27},{"category":27},{"category":138},{"category":138},{"category":72},{"category":158},"Photography,3D Printing - Laser Cutting - CNC",{"category":27},{"category":27},{"category":69},{"category":27},{"category":27},{"category":27},{"category":27},{"category":5},{"category":67},{"category":5},{"category":5},{"category":27},{"category":27},{"category":27},{"category":27},{"category":27},{"category":69},{"category":27},{"category":27},{"category":27},{"category":27},{"category":181},"Home Assistant",{"category":181},{"category":72},{"category":27},{"category":27},{"category":72},{"category":138},{"category":5},{"category":72},{"category":72},{"category":138},{"category":27},{"category":181},{"category":181},{"category":72},{"category":72},{"category":72},{"category":72},{"category":72},{"category":72},{"category":72},{"category":72},191,{"id":205,"title":206,"body":207,"category":5,"date":298,"description":213,"embedImage":299,"extension":300,"image":299,"intro":299,"meta":301,"navigation":302,"path":303,"seo":304,"series":299,"sitemap":305,"stem":306,"tags":307,"__hash__":312},"content\u002F2008\u002F10\u002F13\u002Fincrease-entropy-on-a-2-6-kernel-linux-box.md","Increase entropy on a 2.6 kernel linux box",{"type":208,"value":209,"toc":294},"minimark",[210,214,217,236,239,242,245,248,251,254,257,285,288,291],[211,212,213],"p",{},"A good source of entropy is needed for random number generation. This affects services that go via SSL amongst other things.",[211,215,216],{},"However - in 2.6.x kernels the entropy sources of a system were reduced - as far as I can see it now is only affected by keyboard, mouse and some IRQ interrupts.",[211,218,219,220,230,231,235],{},"Why is this important? Well - there are two ",[221,222,229],"a",{"href":223,"rel":224,"target":228},"http:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FUrandom",[225,226,227],"nofollow","noopener","noreferer","_blank","random number sources"," on linux - \u002Fdev\u002Frandom and \u002Fdev\u002Furandom. \u002Fdev\u002Frandom will ",[232,233,234],"strong",{},"block"," if there is nothing left in the entropy bit bucket. \u002Fdev\u002Furandom uses the same bucket - but will not block (it can reuse the pool of bits).",[211,237,238],{},"You can see how many bits entropy you have available by looking in \u002Fproc\u002Fsys\u002Fkernel\u002Frandom\u002Fentropy_avail (just cat it like a normal text file).",[211,240,241],{},"I had normally between 100 and 200 - way way too low for many SSL processes to work efficiently.",[211,243,244],{},"My server has no keyboard and no mouse and I have no idea if the IRQ calls for my network driver pass the required flag to be considered.",[211,246,247],{},"So - what to do?",[211,249,250],{},"Most suggestions are around hardware generators or listening to ambient noise.",[211,252,253],{},"However - I have found that the tools rng-tools that are used for dealing with hardware random number generators can be pressed into a somewhat hacked service by making the system take \u002Fdev\u002Furandom (the non-blocking one) as a hardware source to feed the bucket.",[211,255,256],{},"Process for debian etch:",[258,259,260,267,273,279],"ol",{},[261,262,263],"li",{},[264,265,266],"code",{},"apt-get install rng-tools",[261,268,269,270],{},"Edit ",[264,271,272],{},"\u002Fetc\u002Fdefault\u002Frng-tools",[261,274,275,276],{},"Set ",[264,277,278],{},"HRNGDEVICE=\u002Fdev\u002Furandom",[261,280,281,282],{},"Run ",[264,283,284],{},"\u002Fetc\u002Finit.d\u002Frng-tools start",[211,286,287],{},"This immediately gave me an entropy bucket averaging around 2000 and maxing up over 4000.",[211,289,290],{},"This has meant that many services that were slow or were timing out are now working.",[211,292,293],{},"Note - I make no comment on how secure this is (some dislike the idea of \u002Fdev\u002Furandom), or if it is a good idea - all I can say is that I can now use services that were blocking before.",{"title":295,"searchDepth":296,"depth":296,"links":297},"",2,[],"2008-10-13 17:35:14 +0200",null,"md",{},true,"\u002F2008\u002F10\u002F13\u002Fincrease-entropy-on-a-2-6-kernel-linux-box",{"title":206,"description":213},{"loc":303},"2008\u002F10\u002F13\u002Fincrease-entropy-on-a-2-6-kernel-linux-box",[308,309,310,311],"linux","debian","entropy","rng-tools","VCZ8Vn2U5iZyePWk-2skVbXXjnm7IW0wgEttoA6i1E4",1775293015257]