I am use to low random entropy on my arm boards, not an intel. On my Lenovo x120e, cat /proc/sys/kernel/random/entropy_avail reports 3190 bits of entropy. On my armv7 with Centos7 I would get 130 unless I installed rng-tools and then I get ~1300. SSH into one and it drops back to 30! for a few minutes. Sigh. Anyway on my new Zotac nano ad12 with an AMD E-1800 duo core, I am seeing 180. I installed rng-tools and no change. Does anyone here know how to improve the random entropy? thanks
> Am 27.05.2017 um 01:09 schrieb Robert Moskowitz <rgm at htt-consult.com>: > > I am use to low random entropy on my arm boards, not an intel. > > On my Lenovo x120e, > > cat /proc/sys/kernel/random/entropy_avail > > reports 3190 bits of entropy. > > On my armv7 with Centos7 I would get 130 unless I installed rng-tools and then I get ~1300. SSH into one and it drops back to 30! for a few minutes. Sigh. > > Anyway on my new Zotac nano ad12 with an AMD E-1800 duo core, I am seeing 180. > > I installed rng-tools and no change. Does anyone here know how to improve the random entropy?http://issihosts.com/haveged/ EPEL: yum install haveged -- LF
On Sat, May 27, 2017 at 02:35:21AM +0200, Leon Fauster wrote:> > Am 27.05.2017 um 01:09 schrieb Robert Moskowitz <rgm at htt-consult.com>: > > > > I am use to low random entropy on my arm boards, not an intel. > > > > On my Lenovo x120e, > > > > cat /proc/sys/kernel/random/entropy_avail > > > > reports 3190 bits of entropy. > > > > On my armv7 with Centos7 I would get 130 unless I installed rng-tools and then I get ~1300. SSH into one and it drops back to 30! for a few minutes. Sigh. > > > > Anyway on my new Zotac nano ad12 with an AMD E-1800 duo core, I am seeing 180. > > > > I installed rng-tools and no change. Does anyone here know how to improve the random entropy? > > > http://issihosts.com/haveged/ > > EPEL: yum install havegedAnother option involves open source hardware, at http://onerng.info/ which is a hardware entropy generator. Lots of discussion on how it works, and why. the one I have doesn't seem to work on a usb3.0 port (on my desktop PC), but that may not be its fault. -- ---- Fred Smith -- fredex at fcshome.stoneham.ma.us ----------------------------- "Not everyone who says to me, 'Lord, Lord,' will enter the kingdom of heaven, but only he who does the will of my Father who is in heaven." ------------------------------ Matthew 7:21 (niv) -----------------------------
On 05/26/2017 08:35 PM, Leon Fauster wrote:>> Am 27.05.2017 um 01:09 schrieb Robert Moskowitz <rgm at htt-consult.com>: >> >> I am use to low random entropy on my arm boards, not an intel. >> >> On my Lenovo x120e, >> >> cat /proc/sys/kernel/random/entropy_avail >> >> reports 3190 bits of entropy. >> >> On my armv7 with Centos7 I would get 130 unless I installed rng-tools and then I get ~1300. SSH into one and it drops back to 30! for a few minutes. Sigh. >> >> Anyway on my new Zotac nano ad12 with an AMD E-1800 duo core, I am seeing 180. >> >> I installed rng-tools and no change. Does anyone here know how to improve the random entropy? > > http://issihosts.com/haveged/ > > EPEL: yum install havegedWOW!!! installed, enabled, and started. Entropy jumped from ~130 bits to ~2000 bits thanks Note to anyone running a web server, or creating certs. You need entropy. Without it your keys are weak and attackable. Probably even known already.