search for: entropy_avail

...ound gnutls was taking ages to calculate its keys. So disabled TLS in exim and works fine. Then I had another xen domU doing exactly the same thing so I did some more digging and came up with this post: http://groups.yahoo.com/group/exim-users/message/85430 sure enough /proc/sys/kernel/random/entropy_avail = 0 when mail is stuck in the queue. Now I''ve stopped exim from using TLS again, and I don''t think there is much else running that could be using up the entropy, but the entropy is still low, max I''ve seen it is ~300. (Compaired to 3000+ on other non-xen boxes). Both...

I am use to low random entropy on my arm boards, not an intel. On my Lenovo x120e, cat /proc/sys/kernel/random/entropy_avail reports 3190 bits of entropy. On my armv7 with Centos7 I would get 130 unless I installed rng-tools and then I get ~1300. SSH into one and it drops back to 30! for a few minutes. Sigh. Anyway on my new Zotac nano ad12 with an AMD E-1800 duo core, I am seeing 180. I installed rng-tools and...

On 05/26/2017 08:35 PM, Leon Fauster wrote: >> Am 27.05.2017 um 01:09 schrieb Robert Moskowitz <rgm at htt-consult.com>: >> >> I am use to low random entropy on my arm boards, not an intel. >> >> On my Lenovo x120e, >> >> cat /proc/sys/kernel/random/entropy_avail >> >> reports 3190 bits of entropy. >> >> On my armv7 with Centos7 I would get 130 unless I installed rng-tools and then I get ~1300. SSH into one and it drops back to 30! for a few minutes. Sigh. >> >> Anyway on my new Zotac nano ad12 with an AMD E-1800 duo co...

Hi, from time to time the IMAP login times out ... my external monitoring says "connection reset by peer (SSL)" and Thunderbird tries to connect forever. After a short while everything returns back to normal operation. The system resources are plenty, there are no error messages and no greedy background tasks running. I read a little about tweaking imap-login - but all the default

...aps connections (on port 993) suddenly get veeeery slow. Up to 180s for one connection with openssl s_client The thing we do not understand is that in the same time imap connections with starttls are just 1s. We can see that entropy on the affected system is not so high cat /proc/sys/kernel/random/entropy_avail 138 So our current theory is: we're running short of entropy but imaps connections are much more affected because they are encrypted from first bit. Whereas a starttls connection has an unencrypted part which generates some entropy it does not use. So I can add entropy to the system that other...

Hello. I was just digging around in the net and found the thread http://lkml.org/lkml/2006/5/12/103 So my questions: Are there any (good) news concerning the implementation of /dev/random in the kernel? I just cat /proc/sys/kernel/random/entropy_avail and saw I have about 250 in the DomU''s and 3500 on Dom0. I haven''t even started to implement encryption for the different kind of services I use on the DomUs and I have no hw_random. Any ideas/comments would be helpful on this matter, since I want to go online with my PKI in the...

Am Freitag, 29. Juli 2016, 09:03:45 CEST schrieb Alex Xu: Hi Alex, > On Fri, 29 Jul 2016 12:24:27 +0200 > > Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote: > > On Fri, Jul 29, 2016 at 7:40 AM, Stephan Mueller > > > > <smueller at chronox.de> wrote: > > > And finally, you have a coding error that is very very common but > > > fatal

Am Freitag, 29. Juli 2016, 09:03:45 CEST schrieb Alex Xu: Hi Alex, > On Fri, 29 Jul 2016 12:24:27 +0200 > > Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote: > > On Fri, Jul 29, 2016 at 7:40 AM, Stephan Mueller > > > > <smueller at chronox.de> wrote: > > > And finally, you have a coding error that is very very common but > > > fatal

...ich is that reading any amount from /dev/random will never block (since it is fed from /dev/urandom on the host side) whereas calling getrandom will always block unless /dev/random is read from first. Moreover, as long as virtio-rng is available (and fed from /dev/urandom), /proc/sys/kernel/random/entropy_avail is always 961 immediately after booting, which is more than enough to satisfy a one-byte read. After reading 1 byte, the estimate decreases to 896 or 897, but after reading 29 more bytes it increases to 1106. Again, these observations are consistent with the conjecture that the issue arises since...

> Am 27.05.2017 um 01:09 schrieb Robert Moskowitz <rgm at htt-consult.com>: > > I am use to low random entropy on my arm boards, not an intel. > > On my Lenovo x120e, > > cat /proc/sys/kernel/random/entropy_avail > > reports 3190 bits of entropy. > > On my armv7 with Centos7 I would get 130 unless I installed rng-tools and then I get ~1300. SSH into one and it drops back to 30! for a few minutes. Sigh. > > Anyway on my new Zotac nano ad12 with an AMD E-1800 duo core, I am seeing 180....

...ter wrote: > >> Am 27.05.2017 um 01:09 schrieb Robert Moskowitz <rgm at htt-consult.com>: > >> > >> I am use to low random entropy on my arm boards, not an intel. > >> > >> On my Lenovo x120e, > >> > >> cat /proc/sys/kernel/random/entropy_avail > >> > >> reports 3190 bits of entropy. > >> > >> On my armv7 with Centos7 I would get 130 unless I installed rng-tools and then I get ~1300. SSH into one and it > drops back to 30! for a few minutes. Sigh. > >> > >> Anyway on my new Zotac...

...aps connections (on port 993) suddenly get veeeery slow. Up to 180s for one connection with openssl s_client The thing we do not understand is that in the same time imap connections with starttls are just 1s. We can see that entropy on the affected system is not so high cat /proc/sys/kernel/random/entropy_avail 138 So our current theory is: we're running short of entropy but imaps connections are much more affected because they are encrypted from first bit. Whereas a starttls connection has an unencrypted part which generates some entropy it does not use. So I can add entropy to the system that other...

...993) suddenly get veeeery >slow. Up to 180s for one connection with openssl s_client The thing we >do not understand is that in the same time imap connections with >starttls are just 1s. >We can see that entropy on the affected system is not so high > >cat /proc/sys/kernel/random/entropy_avail >138 > >So our current theory is: we're running short of entropy but imaps >connections are much more affected because they are encrypted from >first >bit. Whereas a starttls connection has an unencrypted part which >generates some entropy it does not use. So I can add entr...

...a.ch This is on a 64 core "AMD Opteron(tm) Processor 6282 SE" server but I also got the same low entropy on an EL9 KVM guest running on a "AMD EPYC 7601" server. After a lot of searching the net I understand that rng has been reworked in 5.x kernels and /proc/sys/kernel/random/entropy_avail reaches only 256 in default configurations. But why does it go too low on a test system with almost not load? Is this an issue with AMD CPUs or does it also happen on other systems? Thanks for any insights, Simon

...ernames and passwords have market value. > And the arbitrary change made to Anaconda deals with this difficulty how, exactly? Look, I am neither for nor against setting arbitrary standards for user-passwords. In fact, his is what I do to generate system passwords: cat /proc/sys/kernel/random/entropy_avail 3459 openssl enc -base64 <<< $(head -c 32 /dev/random) | \ sed 's/\(....\)/\1:/g; s/.$//' BuRd:f8qU:yY8M:pbtO:uDlw:D53k:whW+:eJtC:z8Tc:4zlo:hiIK and discard the ':' which I provide simply to make it easier for me to read and type the damn things (once). My belief is th...

A vide se postovi i kategorije... to sam propustio... obrisacu... pa javljam.... Sent from my Samsung Galaxy smartphone. -------- Original message --------From: Jerry <jerry at seibercom.net> Date: 6/8/18 20:59 (GMT+01:00) To: Dovecot Mailing List <dovecot at dovecot.org> Subject: Re: outlook hangs using TLS On Fri, 8 Jun 2018 18:19:14 +0100, Vladimir Tiukhtin stated: >On

...t;> Am 27.05.2017 um 01:09 schrieb Robert Moskowitz <rgm at htt-consult.com>: >>>> >>>> I am use to low random entropy on my arm boards, not an intel. >>>> >>>> On my Lenovo x120e, >>>> >>>> cat /proc/sys/kernel/random/entropy_avail >>>> >>>> reports 3190 bits of entropy. >>>> >>>> On my armv7 with Centos7 I would get 130 unless I installed rng-tools and then I get ~1300. SSH into one and it >> drops back to 30! for a few minutes. Sigh. >>>> Anyway on my new Z...

...trandom will > always block unless /dev/random is read from first. That is a different issue that I did not read from your initial explanation. I need to look into it a bit deeper. > > Moreover, as long as virtio-rng is available (and fed > from /dev/urandom), /proc/sys/kernel/random/entropy_avail is always 961 > immediately after booting, which is more than enough to satisfy a > one-byte read. After reading 1 byte, the estimate decreases to 896 or > 897, but after reading 29 more bytes it increases to 1106. > > Again, these observations are consistent with the conjecture tha...

...trandom will > always block unless /dev/random is read from first. That is a different issue that I did not read from your initial explanation. I need to look into it a bit deeper. > > Moreover, as long as virtio-rng is available (and fed > from /dev/urandom), /proc/sys/kernel/random/entropy_avail is always 961 > immediately after booting, which is more than enough to satisfy a > one-byte read. After reading 1 byte, the estimate decreases to 896 or > 897, but after reading 29 more bytes it increases to 1106. > > Again, these observations are consistent with the conjecture tha...

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=40 laforge@netfilter.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED ------- Additional Comments From laforge@netfilter.org 2003-02-03 16:49 ------- We haven't seen this